diff options
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/srv_lsa.c | 614 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 812 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog.c | 254 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 434 | ||||
-rw-r--r-- | source3/rpc_server/srv_ntsvcs.c | 107 | ||||
-rw-r--r-- | source3/rpc_server/srv_ntsvcs_nt.c | 636 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 6 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 8 | ||||
-rw-r--r-- | source3/rpc_server/srv_svcctl.c | 144 | ||||
-rw-r--r-- | source3/rpc_server/srv_svcctl_nt.c | 451 | ||||
-rw-r--r-- | source3/rpc_server/srv_winreg_nt.c | 2 |
11 files changed, 1381 insertions, 2087 deletions
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c deleted file mode 100644 index dfb3323873..0000000000 --- a/source3/rpc_server/srv_lsa.c +++ /dev/null @@ -1,614 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997, - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997, - * Copyright (C) Jeremy Allison 2001, - * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002-2003. - * Copyright (C) Gerald (Jerry) Carter 2005 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* This is the interface to the lsa server code. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -static bool proxy_lsa_call(pipes_struct *p, uint8 opnum) -{ - struct api_struct *fns; - int n_fns; - - lsarpc_get_pipe_fns(&fns, &n_fns); - - if (opnum >= n_fns) - return False; - - if (fns[opnum].opnum != opnum) { - smb_panic("LSA function table not sorted"); - } - - return fns[opnum].fn(p); -} - -/*************************************************************************** - api_lsa_open_policy2 - ***************************************************************************/ - -static bool api_lsa_open_policy2(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENPOLICY2); -} - -/*************************************************************************** -api_lsa_open_policy - ***************************************************************************/ - -static bool api_lsa_open_policy(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENPOLICY); -} - -/*************************************************************************** - api_lsa_enum_trust_dom - ***************************************************************************/ - -static bool api_lsa_enum_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMTRUSTDOM); -} - -/*************************************************************************** - api_lsa_query_info - ***************************************************************************/ - -static bool api_lsa_query_info(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_QUERYINFOPOLICY); -} - -/*************************************************************************** - api_lsa_lookup_sids - ***************************************************************************/ - -static bool api_lsa_lookup_sids(pipes_struct *p) -{ - LSA_Q_LOOKUP_SIDS q_u; - LSA_R_LOOKUP_SIDS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_sids("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_sids: failed to unmarshall LSA_Q_LOOKUP_SIDS.\n")); - return False; - } - - r_u.status = _lsa_lookup_sids(p, &q_u, &r_u); - - if(!lsa_io_r_lookup_sids("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_sids: Failed to marshall LSA_R_LOOKUP_SIDS.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names - ***************************************************************************/ - -static bool api_lsa_lookup_names(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES q_u; - LSA_R_LOOKUP_NAMES r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names: failed to unmarshall LSA_Q_LOOKUP_NAMES.\n")); - return False; - } - - r_u.status = _lsa_lookup_names(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names: Failed to marshall LSA_R_LOOKUP_NAMES.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_close. - ***************************************************************************/ - -static bool api_lsa_close(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CLOSE); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_open_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENSECRET); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_enum_privs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMPRIVS); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_priv_get_dispname(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPPRIVDISPLAYNAME); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_enum_accounts(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMACCOUNTS); -} - -/*************************************************************************** - api_lsa_UNK_GET_CONNUSER - ***************************************************************************/ - -static bool api_lsa_unk_get_connuser(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_GETUSERNAME); -} - -/*************************************************************************** - api_lsa_create_user - ***************************************************************************/ - -static bool api_lsa_create_account(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATEACCOUNT); -} - -/*************************************************************************** - api_lsa_open_user - ***************************************************************************/ - -static bool api_lsa_open_account(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENACCOUNT); -} - -/*************************************************************************** - api_lsa_get_privs - ***************************************************************************/ - -static bool api_lsa_enum_privsaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMPRIVSACCOUNT); -} - -/*************************************************************************** - api_lsa_getsystemaccount - ***************************************************************************/ - -static bool api_lsa_getsystemaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_GETSYSTEMACCESSACCOUNT); -} - - -/*************************************************************************** - api_lsa_setsystemaccount - ***************************************************************************/ - -static bool api_lsa_setsystemaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_SETSYSTEMACCESSACCOUNT); -} - -/*************************************************************************** - api_lsa_addprivs - ***************************************************************************/ - -static bool api_lsa_addprivs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ADDPRIVILEGESTOACCOUNT); -} - -/*************************************************************************** - api_lsa_removeprivs - ***************************************************************************/ - -static bool api_lsa_removeprivs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_REMOVEPRIVILEGESFROMACCOUNT); -} - -/*************************************************************************** - api_lsa_query_secobj - ***************************************************************************/ - -static bool api_lsa_query_secobj(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_QUERYSECURITY); -} - -/*************************************************************************** - api_lsa_add_acct_rights - ***************************************************************************/ - -static bool api_lsa_add_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ADDACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_remove_acct_rights - ***************************************************************************/ - -static bool api_lsa_remove_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_REMOVEACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_enum_acct_rights - ***************************************************************************/ - -static bool api_lsa_enum_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_lookup_priv_value - ***************************************************************************/ - -static bool api_lsa_lookup_priv_value(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPPRIVVALUE); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_open_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENTRUSTEDDOMAIN); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_create_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATETRUSTEDDOMAIN); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_create_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATESECRET); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_set_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_SETSECRET); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_delete_object(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_DELETEOBJECT); -} - -/*************************************************************************** - api_lsa_lookup_sids2 - ***************************************************************************/ - -static bool api_lsa_lookup_sids2(pipes_struct *p) -{ - LSA_Q_LOOKUP_SIDS2 q_u; - LSA_R_LOOKUP_SIDS2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_sids2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_sids2: failed to unmarshall LSA_Q_LOOKUP_SIDS2.\n")); - return False; - } - - r_u.status = _lsa_lookup_sids2(p, &q_u, &r_u); - - if(!lsa_io_r_lookup_sids2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_sids2: Failed to marshall LSA_R_LOOKUP_SIDS2.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_sids3 - ***************************************************************************/ - -static bool api_lsa_lookup_sids3(pipes_struct *p) -{ - LSA_Q_LOOKUP_SIDS3 q_u; - LSA_R_LOOKUP_SIDS3 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_sids3("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_sids3: failed to unmarshall LSA_Q_LOOKUP_SIDS3.\n")); - return False; - } - - r_u.status = _lsa_lookup_sids3(p, &q_u, &r_u); - - if(!lsa_io_r_lookup_sids3("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_sids3: Failed to marshall LSA_R_LOOKUP_SIDS3.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names2 - ***************************************************************************/ - -static bool api_lsa_lookup_names2(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES2 q_u; - LSA_R_LOOKUP_NAMES2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names2: failed to unmarshall LSA_Q_LOOKUP_NAMES2.\n")); - return False; - } - - r_u.status = _lsa_lookup_names2(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names2: Failed to marshall LSA_R_LOOKUP_NAMES2.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names3 - ***************************************************************************/ - -static bool api_lsa_lookup_names3(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES3 q_u; - LSA_R_LOOKUP_NAMES3 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names3("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names3: failed to unmarshall LSA_Q_LOOKUP_NAMES3.\n")); - return False; - } - - r_u.status = _lsa_lookup_names3(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names3("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names3: Failed to marshall LSA_R_LOOKUP_NAMES3.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names4 - ***************************************************************************/ - -static bool api_lsa_lookup_names4(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES4 q_u; - LSA_R_LOOKUP_NAMES4 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names4("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names4: failed to unmarshall LSA_Q_LOOKUP_NAMES4.\n")); - return False; - } - - r_u.status = _lsa_lookup_names4(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names4("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names4: Failed to marshall LSA_R_LOOKUP_NAMES4.\n")); - return False; - } - - return True; -} - -#if 0 /* AD DC work in ongoing in Samba 4 */ - -/*************************************************************************** - api_lsa_query_info2 - ***************************************************************************/ - -static bool api_lsa_query_info2(pipes_struct *p) -{ - LSA_Q_QUERY_INFO2 q_u; - LSA_R_QUERY_INFO2 r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_query_info2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_query_info2: failed to unmarshall LSA_Q_QUERY_INFO2.\n")); - return False; - } - - r_u.status = _lsa_query_info2(p, &q_u, &r_u); - - if (!lsa_io_r_query_info2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_query_info2: failed to marshall LSA_R_QUERY_INFO2.\n")); - return False; - } - - return True; -} -#endif /* AD DC work in ongoing in Samba 4 */ - -/*************************************************************************** - \PIPE\ntlsa commands - ***************************************************************************/ - -static struct api_struct api_lsa_cmds[] = -{ - { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 }, - { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy }, - { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info }, - { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom }, - { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids }, - { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names }, - { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs }, - { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname}, - { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts }, - { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser }, - { "LSA_CREATEACCOUNT" , LSA_CREATEACCOUNT , api_lsa_create_account }, - { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account }, - { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount}, - { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount }, - { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount }, - { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, - { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, - { "LSA_ADDACCTRIGHTS" , LSA_ADDACCTRIGHTS , api_lsa_add_acct_rights }, - { "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights }, - { "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights }, - { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, - { "LSA_LOOKUPPRIVVALUE" , LSA_LOOKUPPRIVVALUE , api_lsa_lookup_priv_value }, - { "LSA_OPENTRUSTDOM" , LSA_OPENTRUSTDOM , api_lsa_open_trust_dom }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_CREATETRUSTDOM" , LSA_CREATETRUSTDOM , api_lsa_create_trust_dom }, - { "LSA_CREATSECRET" , LSA_CREATESECRET , api_lsa_create_secret }, - { "LSA_SETSECRET" , LSA_SETSECRET , api_lsa_set_secret }, - { "LSA_DELETEOBJECT" , LSA_DELETEOBJECT , api_lsa_delete_object }, - { "LSA_LOOKUPSIDS2" , LSA_LOOKUPSIDS2 , api_lsa_lookup_sids2 }, - { "LSA_LOOKUPNAMES2" , LSA_LOOKUPNAMES2 , api_lsa_lookup_names2 }, - { "LSA_LOOKUPNAMES3" , LSA_LOOKUPNAMES3 , api_lsa_lookup_names3 }, - { "LSA_LOOKUPSIDS3" , LSA_LOOKUPSIDS3 , api_lsa_lookup_sids3 }, - { "LSA_LOOKUPNAMES4" , LSA_LOOKUPNAMES4 , api_lsa_lookup_names4 } -#if 0 /* AD DC work in ongoing in Samba 4 */ - /* be careful of the adding of new RPC's. See commentrs below about - ADS DC capabilities */ - { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 } -#endif /* AD DC work in ongoing in Samba 4 */ -}; - -static int count_fns(void) -{ - int funcs = sizeof(api_lsa_cmds) / sizeof(struct api_struct); - -#if 0 /* AD DC work is on going in Samba 4 */ - /* - * NOTE: Certain calls can not be enabled if we aren't an ADS DC. Make sure - * these calls are always last and that you decrement by the amount of calls - * to disable. - */ - if (!(SEC_ADS == lp_security() && ROLE_DOMAIN_PDC == lp_server_role())) { - funcs -= 1; - } -#endif /* AD DC work in ongoing in Samba 4 */ - - return funcs; -} - -void lsa_get_pipe_fns( struct api_struct **fns, int *n_fns ) -{ - *fns = api_lsa_cmds; - *n_fns = count_fns(); -} - - -NTSTATUS rpc_lsa_init(void) -{ - int funcs = count_fns(); - - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "lsarpc", "lsass", api_lsa_cmds, - funcs); -} diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 027277e8d9..f43258d5e5 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -46,6 +46,51 @@ const struct generic_mapping lsa_generic_mapping = { POLICY_ALL_ACCESS }; +/*************************************************************************** + init_lsa_ref_domain_list - adds a domain if it's not already in, returns the index. +***************************************************************************/ + +static int init_lsa_ref_domain_list(TALLOC_CTX *mem_ctx, + struct lsa_RefDomainList *ref, + const char *dom_name, + DOM_SID *dom_sid) +{ + int num = 0; + + if (dom_name != NULL) { + for (num = 0; num < ref->count; num++) { + if (sid_equal(dom_sid, ref->domains[num].sid)) { + return num; + } + } + } else { + num = ref->count; + } + + if (num >= MAX_REF_DOMAINS) { + /* index not found, already at maximum domain limit */ + return -1; + } + + ref->count = num + 1; + ref->max_size = MAX_REF_DOMAINS; + + ref->domains = TALLOC_REALLOC_ARRAY(mem_ctx, ref->domains, + struct lsa_DomainInfo, ref->count); + if (!ref->domains) { + return -1; + } + + init_lsa_StringLarge(&ref->domains[num].name, dom_name); + ref->domains[num].sid = sid_dup_talloc(mem_ctx, dom_sid); + if (!ref->domains[num].sid) { + return -1; + } + + return num; +} + + /******************************************************************* Function to free the per handle data. ********************************************************************/ @@ -82,53 +127,16 @@ static void init_dom_query_5(struct lsa_DomainInfo *r, } /*************************************************************************** - init_dom_ref - adds a domain if it's not already in, returns the index. -***************************************************************************/ - -static int init_dom_ref(DOM_R_REF *ref, const char *dom_name, DOM_SID *dom_sid) -{ - int num = 0; - - if (dom_name != NULL) { - for (num = 0; num < ref->num_ref_doms_1; num++) { - if (sid_equal(dom_sid, &ref->ref_dom[num].ref_dom.sid)) - return num; - } - } else { - num = ref->num_ref_doms_1; - } - - if (num >= MAX_REF_DOMAINS) { - /* index not found, already at maximum domain limit */ - return -1; - } - - ref->num_ref_doms_1 = num+1; - ref->ptr_ref_dom = 1; - ref->max_entries = MAX_REF_DOMAINS; - ref->num_ref_doms_2 = num+1; - - ref->hdr_ref_dom[num].ptr_dom_sid = 1; /* dom sid cannot be NULL. */ - - init_unistr2(&ref->ref_dom[num].uni_dom_name, dom_name, UNI_FLAGS_NONE); - init_uni_hdr(&ref->hdr_ref_dom[num].hdr_dom_name, &ref->ref_dom[num].uni_dom_name); - - init_dom_sid2(&ref->ref_dom[num].ref_dom, dom_sid ); - - return num; -} - -/*************************************************************************** lookup_lsa_rids. Must be called as root for lookup_name to work. ***************************************************************************/ static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx, - DOM_R_REF *ref, - DOM_RID *prid, - uint32 num_entries, - const UNISTR2 *name, - int flags, - uint32 *pmapped_count) + struct lsa_RefDomainList *ref, + struct lsa_TranslatedSid *prid, + uint32_t num_entries, + struct lsa_String *name, + int flags, + uint32_t *pmapped_count) { uint32 mapped_count, i; @@ -141,15 +149,14 @@ static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx, DOM_SID sid; uint32 rid; int dom_idx; - char *full_name; + const char *full_name; const char *domain; enum lsa_SidType type = SID_NAME_UNKNOWN; /* Split name into domain and user component */ - full_name = rpcstr_pull_unistr2_talloc(mem_ctx, &name[i]); + full_name = name[i].string; if (full_name == NULL) { - DEBUG(0, ("pull_ucs2_talloc failed\n")); return NT_STATUS_NO_MEMORY; } @@ -182,11 +189,11 @@ static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx, if (type != SID_NAME_UNKNOWN) { sid_split_rid(&sid, &rid); - dom_idx = init_dom_ref(ref, domain, &sid); + dom_idx = init_lsa_ref_domain_list(mem_ctx, ref, domain, &sid); mapped_count++; } - init_dom_rid(&prid[i], rid, type, dom_idx); + init_lsa_translated_sid(&prid[i], type, rid, dom_idx); } *pmapped_count = mapped_count; @@ -198,12 +205,12 @@ static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx, ***************************************************************************/ static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx, - DOM_R_REF *ref, - LSA_TRANSLATED_SID3 *trans_sids, - uint32 num_entries, - const UNISTR2 *name, - int flags, - uint32 *pmapped_count) + struct lsa_RefDomainList *ref, + struct lsa_TranslatedSid3 *trans_sids, + uint32_t num_entries, + struct lsa_String *name, + int flags, + uint32 *pmapped_count) { uint32 mapped_count, i; @@ -216,15 +223,14 @@ static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx, DOM_SID sid; uint32 rid; int dom_idx; - char *full_name; + const char *full_name; const char *domain; enum lsa_SidType type = SID_NAME_UNKNOWN; /* Split name into domain and user component */ - full_name = rpcstr_pull_unistr2_talloc(mem_ctx, &name[i]); + full_name = name[i].string; if (full_name == NULL) { - DEBUG(0, ("pull_ucs2_talloc failed\n")); return NT_STATUS_NO_MEMORY; } @@ -259,164 +265,20 @@ static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx, DOM_SID domain_sid; sid_copy(&domain_sid, &sid); sid_split_rid(&domain_sid, &rid); - dom_idx = init_dom_ref(ref, domain, &domain_sid); + dom_idx = init_lsa_ref_domain_list(mem_ctx, ref, domain, &domain_sid); mapped_count++; } - /* Initialize the LSA_TRANSLATED_SID3 return. */ + /* Initialize the lsa_TranslatedSid3 return. */ trans_sids[i].sid_type = type; - trans_sids[i].sid2 = TALLOC_P(mem_ctx, DOM_SID2); - if (trans_sids[i].sid2 == NULL) { - return NT_STATUS_NO_MEMORY; - } - init_dom_sid2(trans_sids[i].sid2, &sid); - trans_sids[i].sid_idx = dom_idx; + trans_sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + trans_sids[i].sid_index = dom_idx; } *pmapped_count = mapped_count; return NT_STATUS_OK; } -/*************************************************************************** - init_reply_lookup_names - ***************************************************************************/ - -static void init_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l, - DOM_R_REF *ref, uint32 num_entries, - DOM_RID *rid, uint32 mapped_count) -{ - r_l->ptr_dom_ref = 1; - r_l->dom_ref = ref; - - r_l->num_entries = num_entries; - r_l->ptr_entries = 1; - r_l->num_entries2 = num_entries; - r_l->dom_rid = rid; - - r_l->mapped_count = mapped_count; -} - -/*************************************************************************** - init_reply_lookup_names2 - ***************************************************************************/ - -static void init_reply_lookup_names2(LSA_R_LOOKUP_NAMES2 *r_l, - DOM_R_REF *ref, uint32 num_entries, - DOM_RID2 *rid, uint32 mapped_count) -{ - r_l->ptr_dom_ref = 1; - r_l->dom_ref = ref; - - r_l->num_entries = num_entries; - r_l->ptr_entries = 1; - r_l->num_entries2 = num_entries; - r_l->dom_rid = rid; - - r_l->mapped_count = mapped_count; -} - -/*************************************************************************** - init_reply_lookup_names3 - ***************************************************************************/ - -static void init_reply_lookup_names3(LSA_R_LOOKUP_NAMES3 *r_l, - DOM_R_REF *ref, uint32 num_entries, - LSA_TRANSLATED_SID3 *trans_sids, uint32 mapped_count) -{ - r_l->ptr_dom_ref = 1; - r_l->dom_ref = ref; - - r_l->num_entries = num_entries; - r_l->ptr_entries = 1; - r_l->num_entries2 = num_entries; - r_l->trans_sids = trans_sids; - - r_l->mapped_count = mapped_count; -} - -/*************************************************************************** - init_reply_lookup_names4 - ***************************************************************************/ - -static void init_reply_lookup_names4(LSA_R_LOOKUP_NAMES4 *r_l, - DOM_R_REF *ref, uint32 num_entries, - LSA_TRANSLATED_SID3 *trans_sids, uint32 mapped_count) -{ - r_l->ptr_dom_ref = 1; - r_l->dom_ref = ref; - - r_l->num_entries = num_entries; - r_l->ptr_entries = 1; - r_l->num_entries2 = num_entries; - r_l->trans_sids = trans_sids; - - r_l->mapped_count = mapped_count; -} - -/*************************************************************************** - Init_reply_lookup_sids. - ***************************************************************************/ - -static void init_reply_lookup_sids2(LSA_R_LOOKUP_SIDS2 *r_l, - DOM_R_REF *ref, - uint32 mapped_count) -{ - r_l->ptr_dom_ref = ref ? 1 : 0; - r_l->dom_ref = ref; - r_l->mapped_count = mapped_count; -} - -/*************************************************************************** - Init_reply_lookup_sids. - ***************************************************************************/ - -static void init_reply_lookup_sids3(LSA_R_LOOKUP_SIDS3 *r_l, - DOM_R_REF *ref, - uint32 mapped_count) -{ - r_l->ptr_dom_ref = ref ? 1 : 0; - r_l->dom_ref = ref; - r_l->mapped_count = mapped_count; -} - -/*************************************************************************** - Init_reply_lookup_sids. - ***************************************************************************/ - -static NTSTATUS init_reply_lookup_sids(TALLOC_CTX *mem_ctx, - LSA_R_LOOKUP_SIDS *r_l, - DOM_R_REF *ref, - LSA_TRANS_NAME_ENUM2 *names, - uint32 mapped_count) -{ - LSA_TRANS_NAME_ENUM *oldnames = &r_l->names; - - oldnames->num_entries = names->num_entries; - oldnames->ptr_trans_names = names->ptr_trans_names; - oldnames->num_entries2 = names->num_entries2; - oldnames->uni_name = names->uni_name; - - if (names->num_entries) { - int i; - - oldnames->name = TALLOC_ARRAY(mem_ctx, LSA_TRANS_NAME, names->num_entries); - - if (!oldnames->name) { - return NT_STATUS_NO_MEMORY; - } - for (i = 0; i < names->num_entries; i++) { - oldnames->name[i].sid_name_use = names->name[i].sid_name_use; - oldnames->name[i].hdr_name = names->name[i].hdr_name; - oldnames->name[i].domain_idx = names->name[i].domain_idx; - } - } - - r_l->ptr_dom_ref = ref ? 1 : 0; - r_l->dom_ref = ref; - r_l->mapped_count = mapped_count; - return NT_STATUS_OK; -} - static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *sd_size) { DOM_SID local_adm_sid; @@ -801,38 +663,40 @@ NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p, ***************************************************************************/ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, - uint16 level, /* input */ - int num_sids, /* input */ - const DOM_SID2 *sid, /* input */ - DOM_R_REF **pp_ref, /* output */ - LSA_TRANS_NAME_ENUM2 *names, /* input/output */ - uint32 *pp_mapped_count) + TALLOC_CTX *mem_ctx, + uint16_t level, /* input */ + int num_sids, /* input */ + struct lsa_SidPtr *sid, /* input */ + struct lsa_RefDomainList **pp_ref, /* input/output */ + struct lsa_TranslatedName2 **pp_names,/* input/output */ + uint32_t *pp_mapped_count) /* input/output */ { NTSTATUS status; int i; const DOM_SID **sids = NULL; - DOM_R_REF *ref = NULL; + struct lsa_RefDomainList *ref = NULL; uint32 mapped_count = 0; struct lsa_dom_info *dom_infos = NULL; struct lsa_name_info *name_infos = NULL; + struct lsa_TranslatedName2 *names = NULL; *pp_mapped_count = 0; + *pp_names = NULL; *pp_ref = NULL; - ZERO_STRUCTP(names); if (num_sids == 0) { return NT_STATUS_OK; } sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids); - ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); + ref = TALLOC_ZERO_P(p->mem_ctx, struct lsa_RefDomainList); if (sids == NULL || ref == NULL) { return NT_STATUS_NO_MEMORY; } for (i=0; i<num_sids; i++) { - sids[i] = &sid[i].sid; + sids[i] = sid[i].sid; } status = lookup_sids(p->mem_ctx, num_sids, sids, level, @@ -842,9 +706,8 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, return status; } - names->name = TALLOC_ARRAY(p->mem_ctx, LSA_TRANS_NAME2, num_sids); - names->uni_name = TALLOC_ARRAY(p->mem_ctx, UNISTR2, num_sids); - if ((names->name == NULL) || (names->uni_name == NULL)) { + names = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedName2, num_sids); + if (names == NULL) { return NT_STATUS_NO_MEMORY; } @@ -854,8 +717,9 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, break; } - if (init_dom_ref(ref, dom_infos[i].name, - &dom_infos[i].sid) != i) { + if (init_lsa_ref_domain_list(mem_ctx, ref, + dom_infos[i].name, + &dom_infos[i].sid) != i) { DEBUG(0, ("Domain %s mentioned twice??\n", dom_infos[i].name)); return NT_STATUS_INTERNAL_ERROR; @@ -883,13 +747,10 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, } else { mapped_count += 1; } - init_lsa_trans_name2(&names->name[i], &names->uni_name[i], - name->type, name->name, name->dom_idx); - } - names->num_entries = num_sids; - names->ptr_trans_names = 1; - names->num_entries2 = num_sids; + init_lsa_translated_name2(&names[i], name->type, + name->name, name->dom_idx, 0); + } status = NT_STATUS_NONE_MAPPED; if (mapped_count > 0) { @@ -901,31 +762,33 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, num_sids, mapped_count, nt_errstr(status))); *pp_mapped_count = mapped_count; + *pp_names = names; *pp_ref = ref; return status; } /*************************************************************************** - _lsa_lookup_sids + _lsa_LookupSids ***************************************************************************/ -NTSTATUS _lsa_lookup_sids(pipes_struct *p, - LSA_Q_LOOKUP_SIDS *q_u, - LSA_R_LOOKUP_SIDS *r_u) +NTSTATUS _lsa_LookupSids(pipes_struct *p, + struct lsa_LookupSids *r) { + NTSTATUS status; struct lsa_info *handle; - int num_sids = q_u->sids.num_entries; + int num_sids = r->in.sids->num_sids; uint32 mapped_count = 0; - DOM_R_REF *ref = NULL; - LSA_TRANS_NAME_ENUM2 names; - NTSTATUS status; + struct lsa_RefDomainList *domains = NULL; + struct lsa_TranslatedName *names_out = NULL; + struct lsa_TranslatedName2 *names = NULL; + int i; - if ((q_u->level < 1) || (q_u->level > 6)) { + if ((r->in.level < 1) || (r->in.level > 6)) { return NT_STATUS_INVALID_PARAMETER; } - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) { return NT_STATUS_INVALID_HANDLE; } @@ -935,113 +798,137 @@ NTSTATUS _lsa_lookup_sids(pipes_struct *p, } if (num_sids > MAX_LOOKUP_SIDS) { - DEBUG(5,("_lsa_lookup_sids: limit of %d exceeded, requested %d\n", + DEBUG(5,("_lsa_LookupSids: limit of %d exceeded, requested %d\n", MAX_LOOKUP_SIDS, num_sids)); return NT_STATUS_NONE_MAPPED; } - r_u->status = _lsa_lookup_sids_internal(p, - q_u->level, - num_sids, - q_u->sids.sid, - &ref, - &names, - &mapped_count); + status = _lsa_lookup_sids_internal(p, + p->mem_ctx, + r->in.level, + num_sids, + r->in.sids->sids, + &domains, + &names, + &mapped_count); - /* Convert from LSA_TRANS_NAME_ENUM2 to LSA_TRANS_NAME_ENUM */ + /* Convert from lsa_TranslatedName2 to lsa_TranslatedName */ + names_out = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedName, + num_sids); + if (!names_out) { + return NT_STATUS_NO_MEMORY; + } - status = init_reply_lookup_sids(p->mem_ctx, r_u, ref, &names, mapped_count); - if (!NT_STATUS_IS_OK(status)) { - return status; + for (i=0; i<num_sids; i++) { + names_out[i].sid_type = names[i].sid_type; + names_out[i].name = names[i].name; + names_out[i].sid_index = names[i].sid_index; } - return r_u->status; + + *r->out.domains = domains; + r->out.names->count = num_sids; + r->out.names->names = names_out; + *r->out.count = mapped_count; + + return status; } /*************************************************************************** - _lsa_lookup_sids2 + _lsa_LookupSids2 ***************************************************************************/ -NTSTATUS _lsa_lookup_sids2(pipes_struct *p, - LSA_Q_LOOKUP_SIDS2 *q_u, - LSA_R_LOOKUP_SIDS2 *r_u) +NTSTATUS _lsa_LookupSids2(pipes_struct *p, + struct lsa_LookupSids2 *r) { + NTSTATUS status; struct lsa_info *handle; - int num_sids = q_u->sids.num_entries; + int num_sids = r->in.sids->num_sids; uint32 mapped_count = 0; - DOM_R_REF *ref = NULL; + struct lsa_RefDomainList *domains = NULL; + struct lsa_TranslatedName2 *names = NULL; + bool check_policy = true; - if ((q_u->level < 1) || (q_u->level > 6)) { - return NT_STATUS_INVALID_PARAMETER; + switch (p->hdr_req.opnum) { + case NDR_LSA_LOOKUPSIDS3: + check_policy = false; + break; + case NDR_LSA_LOOKUPSIDS2: + default: + check_policy = true; } - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { - return NT_STATUS_INVALID_HANDLE; + if ((r->in.level < 1) || (r->in.level > 6)) { + return NT_STATUS_INVALID_PARAMETER; } - /* check if the user have enough rights */ - if (!(handle->access & POLICY_LOOKUP_NAMES)) { - return NT_STATUS_ACCESS_DENIED; + if (check_policy) { + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) { + return NT_STATUS_INVALID_HANDLE; + } + + /* check if the user have enough rights */ + if (!(handle->access & POLICY_LOOKUP_NAMES)) { + return NT_STATUS_ACCESS_DENIED; + } } if (num_sids > MAX_LOOKUP_SIDS) { - DEBUG(5,("_lsa_lookup_sids2: limit of %d exceeded, requested %d\n", + DEBUG(5,("_lsa_LookupSids2: limit of %d exceeded, requested %d\n", MAX_LOOKUP_SIDS, num_sids)); return NT_STATUS_NONE_MAPPED; } - r_u->status = _lsa_lookup_sids_internal(p, - q_u->level, - num_sids, - q_u->sids.sid, - &ref, - &r_u->names, - &mapped_count); + status = _lsa_lookup_sids_internal(p, + p->mem_ctx, + r->in.level, + num_sids, + r->in.sids->sids, + &domains, + &names, + &mapped_count); - init_reply_lookup_sids2(r_u, ref, mapped_count); - return r_u->status; + *r->out.domains = domains; + r->out.names->count = num_sids; + r->out.names->names = names; + *r->out.count = mapped_count; + + return status; } /*************************************************************************** - _lsa_lookup_sida3 + _lsa_LookupSids3 ***************************************************************************/ -NTSTATUS _lsa_lookup_sids3(pipes_struct *p, - LSA_Q_LOOKUP_SIDS3 *q_u, - LSA_R_LOOKUP_SIDS3 *r_u) +NTSTATUS _lsa_LookupSids3(pipes_struct *p, + struct lsa_LookupSids3 *r) { - int num_sids = q_u->sids.num_entries; - uint32 mapped_count = 0; - DOM_R_REF *ref = NULL; - - if ((q_u->level < 1) || (q_u->level > 6)) { - return NT_STATUS_INVALID_PARAMETER; - } + struct lsa_LookupSids2 q; /* No policy handle on this call. Restrict to crypto connections. */ if (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) { - DEBUG(0,("_lsa_lookup_sids3: client %s not using schannel for netlogon\n", + DEBUG(0,("_lsa_LookupSids3: client %s not using schannel for netlogon\n", get_remote_machine_name() )); return NT_STATUS_INVALID_PARAMETER; } - if (num_sids > MAX_LOOKUP_SIDS) { - DEBUG(5,("_lsa_lookup_sids3: limit of %d exceeded, requested %d\n", - MAX_LOOKUP_SIDS, num_sids)); - return NT_STATUS_NONE_MAPPED; - } + q.in.handle = NULL; + q.in.sids = r->in.sids; + q.in.level = r->in.level; + q.in.unknown1 = r->in.unknown1; + q.in.unknown2 = r->in.unknown2; + q.in.names = r->in.names; + q.in.count = r->in.count; - r_u->status = _lsa_lookup_sids_internal(p, - q_u->level, - num_sids, - q_u->sids.sid, - &ref, - &r_u->names, - &mapped_count); + q.out.domains = r->out.domains; + q.out.names = r->out.names; + q.out.count = r->out.count; - init_reply_lookup_sids3(r_u, ref, mapped_count); - return r_u->status; + return _lsa_LookupSids2(p, &q); } +/*************************************************************************** + ***************************************************************************/ + static int lsa_lookup_level_to_flags(uint16 level) { int flags; @@ -1068,33 +955,37 @@ static int lsa_lookup_level_to_flags(uint16 level) } /*************************************************************************** -lsa_reply_lookup_names + _lsa_LookupNames ***************************************************************************/ -NTSTATUS _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP_NAMES *r_u) +NTSTATUS _lsa_LookupNames(pipes_struct *p, + struct lsa_LookupNames *r) { + NTSTATUS status = NT_STATUS_NONE_MAPPED; struct lsa_info *handle; - UNISTR2 *names = q_u->uni_name; - uint32 num_entries = q_u->num_entries; - DOM_R_REF *ref; - DOM_RID *rids; + struct lsa_String *names = r->in.names; + uint32 num_entries = r->in.num_names; + struct lsa_RefDomainList *domains = NULL; + struct lsa_TranslatedSid *rids = NULL; uint32 mapped_count = 0; int flags = 0; if (num_entries > MAX_LOOKUP_SIDS) { num_entries = MAX_LOOKUP_SIDS; - DEBUG(5,("_lsa_lookup_names: truncating name lookup list to %d\n", num_entries)); + DEBUG(5,("_lsa_LookupNames: truncating name lookup list to %d\n", + num_entries)); } - flags = lsa_lookup_level_to_flags(q_u->lookup_level); + flags = lsa_lookup_level_to_flags(r->in.level); - ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - if (!ref) { + domains = TALLOC_ZERO_P(p->mem_ctx, struct lsa_RefDomainList); + if (!domains) { return NT_STATUS_NO_MEMORY; } if (num_entries) { - rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries); + rids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_TranslatedSid, + num_entries); if (!rids) { return NT_STATUS_NO_MEMORY; } @@ -1102,146 +993,136 @@ NTSTATUS _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP rids = NULL; } - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { - r_u->status = NT_STATUS_INVALID_HANDLE; + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) { + status = NT_STATUS_INVALID_HANDLE; goto done; } /* check if the user have enough rights */ if (!(handle->access & POLICY_LOOKUP_NAMES)) { - r_u->status = NT_STATUS_ACCESS_DENIED; + status = NT_STATUS_ACCESS_DENIED; goto done; } /* set up the LSA Lookup RIDs response */ become_root(); /* lookup_name can require root privs */ - r_u->status = lookup_lsa_rids(p->mem_ctx, ref, rids, num_entries, - names, flags, &mapped_count); + status = lookup_lsa_rids(p->mem_ctx, domains, rids, num_entries, + names, flags, &mapped_count); unbecome_root(); done: - if (NT_STATUS_IS_OK(r_u->status) && (num_entries != 0) ) { - if (mapped_count == 0) - r_u->status = NT_STATUS_NONE_MAPPED; - else if (mapped_count != num_entries) - r_u->status = STATUS_SOME_UNMAPPED; + if (NT_STATUS_IS_OK(status) && (num_entries != 0) ) { + if (mapped_count == 0) { + status = NT_STATUS_NONE_MAPPED; + } else if (mapped_count != num_entries) { + status = STATUS_SOME_UNMAPPED; + } } - init_reply_lookup_names(r_u, ref, num_entries, rids, mapped_count); - return r_u->status; + *r->out.count = num_entries; + *r->out.domains = domains; + r->out.sids->sids = rids; + r->out.sids->count = mapped_count; + + return status; } /*************************************************************************** -lsa_reply_lookup_names2 + _lsa_LookupNames2 ***************************************************************************/ -NTSTATUS _lsa_lookup_names2(pipes_struct *p, LSA_Q_LOOKUP_NAMES2 *q_u, LSA_R_LOOKUP_NAMES2 *r_u) +NTSTATUS _lsa_LookupNames2(pipes_struct *p, + struct lsa_LookupNames2 *r) { - struct lsa_info *handle; - UNISTR2 *names = q_u->uni_name; - uint32 num_entries = q_u->num_entries; - DOM_R_REF *ref; - DOM_RID *rids; - DOM_RID2 *rids2; - int i; - uint32 mapped_count = 0; - int flags = 0; - - if (num_entries > MAX_LOOKUP_SIDS) { - num_entries = MAX_LOOKUP_SIDS; - DEBUG(5,("_lsa_lookup_names2: truncating name lookup list to %d\n", num_entries)); - } - - flags = lsa_lookup_level_to_flags(q_u->lookup_level); + NTSTATUS status; + struct lsa_LookupNames q; + struct lsa_TransSidArray2 *sid_array2 = r->in.sids; + struct lsa_TransSidArray *sid_array = NULL; + uint32_t i; - ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - if (ref == NULL) { - r_u->status = NT_STATUS_NO_MEMORY; + sid_array = TALLOC_ZERO_P(p->mem_ctx, struct lsa_TransSidArray); + if (!sid_array) { return NT_STATUS_NO_MEMORY; } - if (num_entries) { - rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries); - rids2 = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID2, num_entries); - if ((rids == NULL) || (rids2 == NULL)) { - r_u->status = NT_STATUS_NO_MEMORY; - return NT_STATUS_NO_MEMORY; - } - } else { - rids = NULL; - rids2 = NULL; - } - - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { - r_u->status = NT_STATUS_INVALID_HANDLE; - goto done; - } + q.in.handle = r->in.handle; + q.in.num_names = r->in.num_names; + q.in.names = r->in.names; + q.in.level = r->in.level; + q.in.sids = sid_array; + q.in.count = r->in.count; + /* we do not know what this is for */ + /* = r->in.unknown1; */ + /* = r->in.unknown2; */ - /* check if the user have enough rights */ - if (!(handle->access & POLICY_LOOKUP_NAMES)) { - r_u->status = NT_STATUS_ACCESS_DENIED; - goto done; - } - - /* set up the LSA Lookup RIDs response */ - become_root(); /* lookup_name can require root privs */ - r_u->status = lookup_lsa_rids(p->mem_ctx, ref, rids, num_entries, - names, flags, &mapped_count); - unbecome_root(); + q.out.domains = r->out.domains; + q.out.sids = sid_array; + q.out.count = r->out.count; -done: + status = _lsa_LookupNames(p, &q); - if (NT_STATUS_IS_OK(r_u->status)) { - if (mapped_count == 0) { - r_u->status = NT_STATUS_NONE_MAPPED; - } else if (mapped_count != num_entries) { - r_u->status = STATUS_SOME_UNMAPPED; - } + sid_array2->sids = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedSid2, sid_array->count); + if (!sid_array2->sids) { + return NT_STATUS_NO_MEMORY; } - /* Convert the rids array to rids2. */ - for (i = 0; i < num_entries; i++) { - rids2[i].type = rids[i].type; - rids2[i].rid = rids[i].rid; - rids2[i].rid_idx = rids[i].rid_idx; - rids2[i].unknown = 0; + for (i=0; i<sid_array->count; i++) { + sid_array2->sids[i].sid_type = sid_array->sids[i].sid_type; + sid_array2->sids[i].rid = sid_array->sids[i].rid; + sid_array2->sids[i].sid_index = sid_array->sids[i].sid_index; + sid_array2->sids[i].unknown = 0; } - init_reply_lookup_names2(r_u, ref, num_entries, rids2, mapped_count); - return r_u->status; + r->out.sids = sid_array2; + + return status; } /*************************************************************************** -lsa_reply_lookup_names3. + _lsa_LookupNames3 ***************************************************************************/ -NTSTATUS _lsa_lookup_names3(pipes_struct *p, LSA_Q_LOOKUP_NAMES3 *q_u, LSA_R_LOOKUP_NAMES3 *r_u) +NTSTATUS _lsa_LookupNames3(pipes_struct *p, + struct lsa_LookupNames3 *r) { + NTSTATUS status; struct lsa_info *handle; - UNISTR2 *names = q_u->uni_name; - uint32 num_entries = q_u->num_entries; - DOM_R_REF *ref = NULL; - LSA_TRANSLATED_SID3 *trans_sids = NULL; + struct lsa_String *names = r->in.names; + uint32 num_entries = r->in.num_names; + struct lsa_RefDomainList *domains = NULL; + struct lsa_TranslatedSid3 *trans_sids = NULL; uint32 mapped_count = 0; int flags = 0; + bool check_policy = true; + + switch (p->hdr_req.opnum) { + case NDR_LSA_LOOKUPNAMES4: + check_policy = false; + break; + case NDR_LSA_LOOKUPNAMES3: + default: + check_policy = true; + } if (num_entries > MAX_LOOKUP_SIDS) { num_entries = MAX_LOOKUP_SIDS; - DEBUG(5,("_lsa_lookup_names3: truncating name lookup list to %d\n", num_entries)); + DEBUG(5,("_lsa_LookupNames3: truncating name lookup list to %d\n", num_entries)); } /* Probably the lookup_level is some sort of bitmask. */ - if (q_u->lookup_level == 1) { + if (r->in.level == 1) { flags = LOOKUP_NAME_ALL; } - ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - if (ref == NULL) { + domains = TALLOC_ZERO_P(p->mem_ctx, struct lsa_RefDomainList); + if (!domains) { return NT_STATUS_NO_MEMORY; } + if (num_entries) { - trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_TRANSLATED_SID3, num_entries); + trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_TranslatedSid3, + num_entries); if (!trans_sids) { return NT_STATUS_NO_MEMORY; } @@ -1249,59 +1130,52 @@ NTSTATUS _lsa_lookup_names3(pipes_struct *p, LSA_Q_LOOKUP_NAMES3 *q_u, LSA_R_LOO trans_sids = NULL; } - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { - r_u->status = NT_STATUS_INVALID_HANDLE; - goto done; - } + if (check_policy) { - /* check if the user have enough rights */ - if (!(handle->access & POLICY_LOOKUP_NAMES)) { - r_u->status = NT_STATUS_ACCESS_DENIED; - goto done; + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) { + status = NT_STATUS_INVALID_HANDLE; + goto done; + } + + /* check if the user have enough rights */ + if (!(handle->access & POLICY_LOOKUP_NAMES)) { + status = NT_STATUS_ACCESS_DENIED; + goto done; + } } /* set up the LSA Lookup SIDs response */ become_root(); /* lookup_name can require root privs */ - r_u->status = lookup_lsa_sids(p->mem_ctx, ref, trans_sids, num_entries, - names, flags, &mapped_count); + status = lookup_lsa_sids(p->mem_ctx, domains, trans_sids, num_entries, + names, flags, &mapped_count); unbecome_root(); done: - if (NT_STATUS_IS_OK(r_u->status)) { + if (NT_STATUS_IS_OK(status)) { if (mapped_count == 0) { - r_u->status = NT_STATUS_NONE_MAPPED; + status = NT_STATUS_NONE_MAPPED; } else if (mapped_count != num_entries) { - r_u->status = STATUS_SOME_UNMAPPED; + status = STATUS_SOME_UNMAPPED; } } - init_reply_lookup_names3(r_u, ref, num_entries, trans_sids, mapped_count); - return r_u->status; + *r->out.count = num_entries; + *r->out.domains = domains; + r->out.sids->sids = trans_sids; + r->out.sids->count = mapped_count; + + return status; } /*************************************************************************** -lsa_reply_lookup_names4. + _lsa_LookupNames4 ***************************************************************************/ -NTSTATUS _lsa_lookup_names4(pipes_struct *p, LSA_Q_LOOKUP_NAMES4 *q_u, LSA_R_LOOKUP_NAMES4 *r_u) +NTSTATUS _lsa_LookupNames4(pipes_struct *p, + struct lsa_LookupNames4 *r) { - UNISTR2 *names = q_u->uni_name; - uint32 num_entries = q_u->num_entries; - DOM_R_REF *ref = NULL; - LSA_TRANSLATED_SID3 *trans_sids = NULL; - uint32 mapped_count = 0; - int flags = 0; - - if (num_entries > MAX_LOOKUP_SIDS) { - num_entries = MAX_LOOKUP_SIDS; - DEBUG(5,("_lsa_lookup_names4: truncating name lookup list to %d\n", num_entries)); - } - - /* Probably the lookup_level is some sort of bitmask. */ - if (q_u->lookup_level == 1) { - flags = LOOKUP_NAME_ALL; - } + struct lsa_LookupNames3 q; /* No policy handle on this call. Restrict to crypto connections. */ if (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) { @@ -1310,36 +1184,20 @@ NTSTATUS _lsa_lookup_names4(pipes_struct *p, LSA_Q_LOOKUP_NAMES4 *q_u, LSA_R_LOO return NT_STATUS_INVALID_PARAMETER; } - ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - if (!ref) { - return NT_STATUS_NO_MEMORY; - } - - if (num_entries) { - trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_TRANSLATED_SID3, num_entries); - if (!trans_sids) { - return NT_STATUS_NO_MEMORY; - } - } else { - trans_sids = NULL; - } - - /* set up the LSA Lookup SIDs response */ - become_root(); /* lookup_name can require root privs */ - r_u->status = lookup_lsa_sids(p->mem_ctx, ref, trans_sids, num_entries, - names, flags, &mapped_count); - unbecome_root(); + q.in.handle = NULL; + q.in.num_names = r->in.num_names; + q.in.names = r->in.names; + q.in.level = r->in.level; + q.in.unknown1 = r->in.unknown1; + q.in.unknown2 = r->in.unknown2; + q.in.sids = r->in.sids; + q.in.count = r->in.count; - if (NT_STATUS_IS_OK(r_u->status)) { - if (mapped_count == 0) { - r_u->status = NT_STATUS_NONE_MAPPED; - } else if (mapped_count != num_entries) { - r_u->status = STATUS_SOME_UNMAPPED; - } - } + q.out.domains = r->out.domains; + q.out.sids = r->out.sids; + q.out.count = r->out.count; - init_reply_lookup_names4(r_u, ref, num_entries, trans_sids, mapped_count); - return r_u->status; + return _lsa_LookupNames3(p, &q); } /*************************************************************************** @@ -2294,18 +2152,6 @@ NTSTATUS _lsa_ClearAuditLog(pipes_struct *p, struct lsa_ClearAuditLog *r) return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_LookupNames(pipes_struct *p, struct lsa_LookupNames *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS _lsa_LookupSids(pipes_struct *p, struct lsa_LookupSids *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_GetQuotasForAccount(pipes_struct *p, struct lsa_GetQuotasForAccount *r) { p->rng_fault_state = True; @@ -2444,18 +2290,6 @@ NTSTATUS _lsa_TestCall(pipes_struct *p, struct lsa_TestCall *r) return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_LookupSids2(pipes_struct *p, struct lsa_LookupSids2 *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS _lsa_LookupNames2(pipes_struct *p, struct lsa_LookupNames2 *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_CreateTrustedDomainEx2(pipes_struct *p, struct lsa_CreateTrustedDomainEx2 *r) { p->rng_fault_state = True; @@ -2510,12 +2344,6 @@ NTSTATUS _lsa_CREDRPROFILELOADED(pipes_struct *p, struct lsa_CREDRPROFILELOADED return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_LookupNames3(pipes_struct *p, struct lsa_LookupNames3 *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_CREDRGETSESSIONTYPES(pipes_struct *p, struct lsa_CREDRGETSESSIONTYPES *r) { p->rng_fault_state = True; @@ -2558,18 +2386,6 @@ NTSTATUS _lsa_CREDRRENAME(pipes_struct *p, struct lsa_CREDRRENAME *r) return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_LookupSids3(pipes_struct *p, struct lsa_LookupSids3 *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS _lsa_LookupNames4(pipes_struct *p, struct lsa_LookupNames4 *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_LSAROPENPOLICYSCE(pipes_struct *p, struct lsa_LSAROPENPOLICYSCE *r) { p->rng_fault_state = True; diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c deleted file mode 100644 index 7f67fe51f0..0000000000 --- a/source3/rpc_server/srv_netlog.c +++ /dev/null @@ -1,254 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997, - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997, - * Copyright (C) Jeremy Allison 1998-2001, - * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* This is the interface to the netlogon pipe. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -/******************************************************************* - ********************************************************************/ - -static bool proxy_netr_call(pipes_struct *p, uint8 opnum) -{ - struct api_struct *fns; - int n_fns; - - netlogon_get_pipe_fns(&fns, &n_fns); - - if (opnum >= n_fns) { - return false; - } - - if (fns[opnum].opnum != opnum) { - smb_panic("NETLOGON function table not sorted"); - } - - return fns[opnum].fn(p); -} - -/************************************************************************* - api_net_req_chal: - *************************************************************************/ - -static bool api_net_req_chal(pipes_struct *p) -{ - return proxy_netr_call(p, NDR_NETR_SERVERREQCHALLENGE); -} - -/************************************************************************* - api_net_auth: - *************************************************************************/ - -static bool api_net_auth(pipes_struct *p) -{ - return proxy_netr_call(p, NDR_NETR_SERVERAUTHENTICATE); -} - -/************************************************************************* - api_net_auth_2: - *************************************************************************/ - -static bool api_net_auth_2(pipes_struct *p) -{ - NET_Q_AUTH_2 q_u; - NET_R_AUTH_2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the challenge... */ - if(!net_io_q_auth_2("", &q_u, data, 0)) { - DEBUG(0,("api_net_auth_2: Failed to unmarshall NET_Q_AUTH_2.\n")); - return False; - } - - r_u.status = _net_auth_2(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!net_io_r_auth_2("", &r_u, rdata, 0)) { - DEBUG(0,("api_net_auth_2: Failed to marshall NET_R_AUTH_2.\n")); - return False; - } - - return True; -} - -/************************************************************************* - api_net_srv_pwset: - *************************************************************************/ - -static bool api_net_srv_pwset(pipes_struct *p) -{ - return proxy_netr_call(p, NDR_NETR_SERVERPASSWORDSET); -} - -/************************************************************************* - api_net_sam_logoff: - *************************************************************************/ - -static bool api_net_sam_logoff(pipes_struct *p) -{ - NET_Q_SAM_LOGOFF q_u; - NET_R_SAM_LOGOFF r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!net_io_q_sam_logoff("", &q_u, data, 0)) { - DEBUG(0,("api_net_sam_logoff: Failed to unmarshall NET_Q_SAM_LOGOFF.\n")); - return False; - } - - r_u.status = _net_sam_logoff(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!net_io_r_sam_logoff("", &r_u, rdata, 0)) { - DEBUG(0,("api_net_sam_logoff: Failed to marshall NET_R_SAM_LOGOFF.\n")); - return False; - } - - return True; -} - -/************************************************************************* - api_net_sam_logon: - *************************************************************************/ - -static bool api_net_sam_logon(pipes_struct *p) -{ - NET_Q_SAM_LOGON q_u; - NET_R_SAM_LOGON r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!net_io_q_sam_logon("", &q_u, data, 0)) { - DEBUG(0, ("api_net_sam_logon: Failed to unmarshall NET_Q_SAM_LOGON.\n")); - return False; - } - - r_u.status = _net_sam_logon(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!net_io_r_sam_logon("", &r_u, rdata, 0)) { - DEBUG(0,("api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON.\n")); - return False; - } - - return True; -} - -/************************************************************************* - api_net_trust_dom_list: - *************************************************************************/ - -static bool api_net_trust_dom_list(pipes_struct *p) -{ - return proxy_netr_call(p, NDR_NETR_NETRENUMERATETRUSTEDDOMAINS); -} - -/************************************************************************* - api_net_logon_ctrl2: - *************************************************************************/ - -static bool api_net_logon_ctrl2(pipes_struct *p) -{ - return proxy_netr_call(p, NDR_NETR_LOGONCONTROL2); -} - -/************************************************************************* - api_net_logon_ctrl: - *************************************************************************/ - -static bool api_net_logon_ctrl(pipes_struct *p) -{ - return proxy_netr_call(p, NDR_NETR_LOGONCONTROL); -} - -/************************************************************************* - api_net_sam_logon_ex: - *************************************************************************/ - -static bool api_net_sam_logon_ex(pipes_struct *p) -{ - NET_Q_SAM_LOGON_EX q_u; - NET_R_SAM_LOGON_EX r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!net_io_q_sam_logon_ex("", &q_u, data, 0)) { - DEBUG(0, ("api_net_sam_logon_ex: Failed to unmarshall NET_Q_SAM_LOGON_EX.\n")); - return False; - } - - r_u.status = _net_sam_logon_ex(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!net_io_r_sam_logon_ex("", &r_u, rdata, 0)) { - DEBUG(0,("api_net_sam_logon_ex: Failed to marshall NET_R_SAM_LOGON_EX.\n")); - return False; - } - - return True; -} - -/******************************************************************* - array of \PIPE\NETLOGON operations - ********************************************************************/ -static struct api_struct api_net_cmds [] = - { - { "NET_REQCHAL" , NET_REQCHAL , api_net_req_chal }, - { "NET_AUTH" , NET_AUTH , api_net_auth }, - { "NET_AUTH2" , NET_AUTH2 , api_net_auth_2 }, - { "NET_SRVPWSET" , NET_SRVPWSET , api_net_srv_pwset }, - { "NET_SAMLOGON" , NET_SAMLOGON , api_net_sam_logon }, - { "NET_SAMLOGOFF" , NET_SAMLOGOFF , api_net_sam_logoff }, - { "NET_LOGON_CTRL2" , NET_LOGON_CTRL2 , api_net_logon_ctrl2 }, - { "NET_TRUST_DOM_LIST", NET_TRUST_DOM_LIST, api_net_trust_dom_list }, - { "NET_LOGON_CTRL" , NET_LOGON_CTRL , api_net_logon_ctrl }, - { "NET_SAMLOGON_EX" , NET_SAMLOGON_EX , api_net_sam_logon_ex }, - }; - -void netlog_get_pipe_fns( struct api_struct **fns, int *n_fns ) -{ - *fns = api_net_cmds; - *n_fns = sizeof(api_net_cmds) / sizeof(struct api_struct); -} - -NTSTATUS rpc_net_init(void) -{ - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "NETLOGON", "lsass", api_net_cmds, - sizeof(api_net_cmds) / sizeof(struct api_struct)); -} diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 2b4921921f..c64e5b8d10 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -35,7 +35,7 @@ extern userdom_struct current_user_info; *************************************************************************/ static void init_net_r_req_chal(struct netr_Credential *r, - DOM_CHAL *srv_chal) + struct netr_Credential *srv_chal) { DEBUG(6,("init_net_r_req_chal: %d\n", __LINE__)); @@ -390,7 +390,7 @@ NTSTATUS _netr_ServerReqChallenge(pipes_struct *p, generate_random_buffer(p->dc->srv_chal.data, 8); /* set up the LSA REQUEST CHALLENGE response */ - init_net_r_req_chal(r->out.credentials, &p->dc->srv_chal); + init_net_r_req_chal(r->out.return_credentials, &p->dc->srv_chal); p->dc->challenge_sent = True; @@ -406,7 +406,7 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, struct netr_ServerAuthenticate *r) { NTSTATUS status; - DOM_CHAL srv_chal_out; + struct netr_Credential srv_chal_out; if (!p->dc || !p->dc->challenge_sent) { return NT_STATUS_ACCESS_DENIED; @@ -450,70 +450,55 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, /* set up the LSA AUTH response */ /* Return the server credentials. */ - memcpy(r->out.credentials->data, &srv_chal_out.data, - sizeof(r->out.credentials->data)); + memcpy(r->out.return_credentials->data, &srv_chal_out.data, + sizeof(r->out.return_credentials->data)); return NT_STATUS_OK; } /************************************************************************* - init_net_r_auth_2: + _netr_ServerAuthenticate2 *************************************************************************/ -static void init_net_r_auth_2(NET_R_AUTH_2 *r_a, - DOM_CHAL *resp_cred, NEG_FLAGS *flgs, NTSTATUS status) -{ - memcpy(r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data)); - memcpy(&r_a->srv_flgs, flgs, sizeof(r_a->srv_flgs)); - r_a->status = status; -} - -/************************************************************************* - _net_auth_2 - *************************************************************************/ - -NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u) +NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, + struct netr_ServerAuthenticate2 *r) { NTSTATUS status; - NEG_FLAGS srv_flgs; - fstring mach_acct; - fstring remote_machine; - DOM_CHAL srv_chal_out; + uint32_t srv_flgs; + struct netr_Credential srv_chal_out; - rpcstr_pull(mach_acct, q_u->clnt_id.uni_acct_name.buffer,sizeof(fstring), - q_u->clnt_id.uni_acct_name.uni_str_len*2,0); - - /* We use this as the key to store the creds. */ - rpcstr_pull(remote_machine, q_u->clnt_id.uni_comp_name.buffer,sizeof(fstring), - q_u->clnt_id.uni_comp_name.uni_str_len*2,0); + /* We use this as the key to store the creds: */ + /* r->in.computer_name */ if (!p->dc || !p->dc->challenge_sent) { - DEBUG(0,("_net_auth2: no challenge sent to client %s\n", - remote_machine )); + DEBUG(0,("_netr_ServerAuthenticate2: no challenge sent to client %s\n", + r->in.computer_name)); return NT_STATUS_ACCESS_DENIED; } - if ( (lp_server_schannel() == True) && - ((q_u->clnt_flgs.neg_flags & NETLOGON_NEG_SCHANNEL) == 0) ) { + if ( (lp_server_schannel() == true) && + ((*r->in.negotiate_flags & NETLOGON_NEG_SCHANNEL) == 0) ) { /* schannel must be used, but client did not offer it. */ - DEBUG(0,("_net_auth2: schannel required but client failed " + DEBUG(0,("_netr_ServerAuthenticate2: schannel required but client failed " "to offer it. Client was %s\n", - mach_acct )); + r->in.account_name)); return NT_STATUS_ACCESS_DENIED; } - status = get_md4pw((char *)p->dc->mach_pw, mach_acct, q_u->clnt_id.sec_chan); + status = get_md4pw((char *)p->dc->mach_pw, + r->in.account_name, + r->in.secure_channel_type); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("_net_auth2: failed to get machine password for " + DEBUG(0,("_netr_ServerAuthenticate2: failed to get machine password for " "account %s: %s\n", - mach_acct, nt_errstr(status) )); + r->in.account_name, nt_errstr(status) )); /* always return NT_STATUS_ACCESS_DENIED */ return NT_STATUS_ACCESS_DENIED; } /* From the client / server challenges and md4 password, generate sess key */ - creds_server_init(q_u->clnt_flgs.neg_flags, + creds_server_init(*r->in.negotiate_flags, p->dc, &p->dc->clnt_chal, /* Stored client chal. */ &p->dc->srv_chal, /* Stored server chal. */ @@ -521,24 +506,27 @@ NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u) &srv_chal_out); /* Check client credentials are valid. */ - if (!creds_server_check(p->dc, &q_u->clnt_chal)) { - DEBUG(0,("_net_auth2: creds_server_check failed. Rejecting auth " + if (!netlogon_creds_server_check(p->dc, r->in.credentials)) { + DEBUG(0,("_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth " "request from client %s machine account %s\n", - remote_machine, mach_acct )); + r->in.computer_name, + r->in.account_name)); return NT_STATUS_ACCESS_DENIED; } - srv_flgs.neg_flags = 0x000001ff; + srv_flgs = 0x000001ff; - if (lp_server_schannel() != False) { - srv_flgs.neg_flags |= NETLOGON_NEG_SCHANNEL; + if (lp_server_schannel() != false) { + srv_flgs |= NETLOGON_NEG_SCHANNEL; } /* set up the LSA AUTH 2 response */ - init_net_r_auth_2(r_u, &srv_chal_out, &srv_flgs, NT_STATUS_OK); + memcpy(r->out.return_credentials->data, &srv_chal_out.data, + sizeof(r->out.return_credentials->data)); + *r->out.negotiate_flags = srv_flgs; - fstrcpy(p->dc->mach_acct, mach_acct); - fstrcpy(p->dc->remote_machine, remote_machine); + fstrcpy(p->dc->mach_acct, r->in.account_name); + fstrcpy(p->dc->remote_machine, r->in.computer_name); fstrcpy(p->dc->domain, lp_workgroup() ); p->dc->authenticated = True; @@ -546,11 +534,11 @@ NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u) /* Store off the state so we can continue after client disconnect. */ become_root(); secrets_store_schannel_session_info(p->mem_ctx, - remote_machine, - p->dc); + r->in.computer_name, + p->dc); unbecome_root(); - return r_u->status; + return NT_STATUS_OK; } /************************************************************************* @@ -694,18 +682,17 @@ NTSTATUS _netr_ServerPasswordSet(pipes_struct *p, } /************************************************************************* - _net_sam_logoff: + _netr_LogonSamLogoff *************************************************************************/ -NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOFF *r_u) +NTSTATUS _netr_LogonSamLogoff(pipes_struct *p, + struct netr_LogonSamLogoff *r) { - fstring remote_machine; - if ( (lp_server_schannel() == True) && (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) ) { /* 'server schannel = yes' should enforce use of schannel, the client did offer it in auth2, but obviously did not use it. */ - DEBUG(0,("_net_sam_logoff: client %s not using schannel for netlogon\n", + DEBUG(0,("_netr_LogonSamLogoff: client %s not using schannel for netlogon\n", get_remote_machine_name() )); return NT_STATUS_ACCESS_DENIED; } @@ -714,9 +701,8 @@ NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOF if (!get_valid_user_struct(p->vuid)) return NT_STATUS_NO_SUCH_USER; - /* Get the remote machine name for the creds store. */ - rpcstr_pull(remote_machine,q_u->sam_id.client.login.uni_comp_name.buffer, - sizeof(remote_machine),q_u->sam_id.client.login.uni_comp_name.uni_str_len*2,0); + /* Using the remote machine name for the creds store: */ + /* r->in.computer_name */ if (!p->dc) { /* Restore the saved state of the netlogon creds. */ @@ -724,8 +710,8 @@ NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOF become_root(); ret = secrets_restore_schannel_session_info(p->pipe_state_mem_ctx, - remote_machine, - &p->dc); + r->in.computer_name, + &p->dc); unbecome_root(); if (!ret) { return NT_STATUS_INVALID_HANDLE; @@ -736,25 +722,22 @@ NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOF return NT_STATUS_INVALID_HANDLE; } - r_u->buffer_creds = 1; /* yes, we have valid server credentials */ - /* checks and updates credentials. creates reply credentials */ - if (!creds_server_step(p->dc, &q_u->sam_id.client.cred, &r_u->srv_creds)) { - DEBUG(2,("_net_sam_logoff: creds_server_step failed. Rejecting auth " + if (!netlogon_creds_server_step(p->dc, r->in.credential, r->out.return_authenticator)) { + DEBUG(2,("_netr_LogonSamLogoff: netlogon_creds_server_step failed. Rejecting auth " "request from client %s machine account %s\n", - remote_machine, p->dc->mach_acct )); + r->in.computer_name, p->dc->mach_acct )); return NT_STATUS_INVALID_PARAMETER; } /* We must store the creds state after an update. */ become_root(); secrets_store_schannel_session_info(p->pipe_state_mem_ctx, - remote_machine, - p->dc); + r->in.computer_name, + p->dc); unbecome_root(); - r_u->status = NT_STATUS_OK; - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* @@ -788,52 +771,53 @@ static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx, } /************************************************************************* - _net_sam_logon + _netr_LogonSamLogon *************************************************************************/ -static NTSTATUS _net_sam_logon_internal(pipes_struct *p, - NET_Q_SAM_LOGON *q_u, - NET_R_SAM_LOGON *r_u, - bool process_creds) +NTSTATUS _netr_LogonSamLogon(pipes_struct *p, + struct netr_LogonSamLogon *r) { NTSTATUS status = NT_STATUS_OK; - NET_USER_INFO_3 *usr_info = NULL; - NET_ID_INFO_CTR *ctr = q_u->sam_id.ctr; - UNISTR2 *uni_samlogon_user = NULL; - UNISTR2 *uni_samlogon_domain = NULL; - UNISTR2 *uni_samlogon_workstation = NULL; + struct netr_SamInfo3 *sam3 = NULL; + union netr_LogonLevel *logon = r->in.logon; fstring nt_username, nt_domain, nt_workstation; auth_usersupplied_info *user_info = NULL; auth_serversupplied_info *server_info = NULL; struct samu *sampw; struct auth_context *auth_context = NULL; + bool process_creds = true; + + switch (p->hdr_req.opnum) { + case NDR_NETR_LOGONSAMLOGON: + process_creds = true; + break; + case NDR_NETR_LOGONSAMLOGONEX: + default: + process_creds = false; + } if ( (lp_server_schannel() == True) && (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) ) { /* 'server schannel = yes' should enforce use of schannel, the client did offer it in auth2, but obviously did not use it. */ - DEBUG(0,("_net_sam_logon_internal: client %s not using schannel for netlogon\n", + DEBUG(0,("_netr_LogonSamLogon: client %s not using schannel for netlogon\n", get_remote_machine_name() )); return NT_STATUS_ACCESS_DENIED; } - usr_info = TALLOC_P(p->mem_ctx, NET_USER_INFO_3); - if (!usr_info) { + sam3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo3); + if (!sam3) { return NT_STATUS_NO_MEMORY; } - ZERO_STRUCTP(usr_info); - /* store the user information, if there is any. */ - r_u->user = usr_info; - r_u->auth_resp = 1; /* authoritative response */ - if (q_u->validation_level != 2 && q_u->validation_level != 3) { - DEBUG(0,("_net_sam_logon: bad validation_level value %d.\n", (int)q_u->validation_level )); + r->out.validation->sam3 = sam3; + *r->out.authoritative = true; /* authoritative response */ + if (r->in.validation_level != 2 && r->in.validation_level != 3) { + DEBUG(0,("_netr_LogonSamLogon: bad validation_level value %d.\n", + (int)r->in.validation_level)); return NT_STATUS_ACCESS_DENIED; } - /* We handle the return of USER_INFO_2 instead of 3 in the parse return. Sucks, I know... */ - r_u->switch_value = q_u->validation_level; /* indicates type of validation user info */ - r_u->buffer_creds = 1; /* Ensure we always return server creds. */ if (!get_valid_user_struct(p->vuid)) return NT_STATUS_NO_SUCH_USER; @@ -845,8 +829,8 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, /* Note this is the remote machine this request is coming from (member server), not neccessarily the workstation name the user is logging onto. */ - rpcstr_pull(remote_machine,q_u->sam_id.client.login.uni_comp_name.buffer, - sizeof(remote_machine),q_u->sam_id.client.login.uni_comp_name.uni_str_len*2,0); + + fstrcpy(remote_machine, r->in.computer_name); if (!p->dc) { /* Restore the saved state of the netlogon creds. */ @@ -867,8 +851,8 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, } /* checks and updates credentials. creates reply credentials */ - if (!creds_server_step(p->dc, &q_u->sam_id.client.cred, &r_u->srv_creds)) { - DEBUG(2,("_net_sam_logon: creds_server_step failed. Rejecting auth " + if (!netlogon_creds_server_step(p->dc, r->in.credential, r->out.return_authenticator)) { + DEBUG(2,("_netr_LogonSamLogon: creds_server_step failed. Rejecting auth " "request from client %s machine account %s\n", remote_machine, p->dc->mach_acct )); return NT_STATUS_INVALID_PARAMETER; @@ -882,19 +866,24 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, unbecome_root(); } - switch (q_u->sam_id.logon_level) { + switch (r->in.logon_level) { case INTERACTIVE_LOGON_TYPE: - uni_samlogon_user = &ctr->auth.id1.uni_user_name; - uni_samlogon_domain = &ctr->auth.id1.uni_domain_name; - - uni_samlogon_workstation = &ctr->auth.id1.uni_wksta_name; + fstrcpy(nt_username, + logon->password->identity_info.account_name.string); + fstrcpy(nt_domain, + logon->password->identity_info.domain_name.string); + fstrcpy(nt_workstation, + logon->password->identity_info.workstation.string); DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", lp_workgroup())); break; case NET_LOGON_TYPE: - uni_samlogon_user = &ctr->auth.id2.uni_user_name; - uni_samlogon_domain = &ctr->auth.id2.uni_domain_name; - uni_samlogon_workstation = &ctr->auth.id2.uni_wksta_name; + fstrcpy(nt_username, + logon->network->identity_info.account_name.string); + fstrcpy(nt_domain, + logon->network->identity_info.domain_name.string); + fstrcpy(nt_workstation, + logon->network->identity_info.workstation.string); DEBUG(3,("SAM Logon (Network). Domain:[%s]. ", lp_workgroup())); break; @@ -903,24 +892,23 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, return NT_STATUS_INVALID_INFO_CLASS; } /* end switch */ - rpcstr_pull(nt_username,uni_samlogon_user->buffer,sizeof(nt_username),uni_samlogon_user->uni_str_len*2,0); - rpcstr_pull(nt_domain,uni_samlogon_domain->buffer,sizeof(nt_domain),uni_samlogon_domain->uni_str_len*2,0); - rpcstr_pull(nt_workstation,uni_samlogon_workstation->buffer,sizeof(nt_workstation),uni_samlogon_workstation->uni_str_len*2,0); - DEBUG(3,("User:[%s@%s] Requested Domain:[%s]\n", nt_username, nt_workstation, nt_domain)); fstrcpy(current_user_info.smb_name, nt_username); sub_set_smb_name(nt_username); - DEBUG(5,("Attempting validation level %d for unmapped username %s.\n", q_u->sam_id.ctr->switch_value, nt_username)); + DEBUG(5,("Attempting validation level %d for unmapped username %s.\n", + r->in.validation_level, nt_username)); status = NT_STATUS_OK; - switch (ctr->switch_value) { + switch (r->in.logon_level) { case NET_LOGON_TYPE: { const char *wksname = nt_workstation; - if (!NT_STATUS_IS_OK(status = make_auth_context_fixed(&auth_context, ctr->auth.id2.lm_chal))) { + status = make_auth_context_fixed(&auth_context, + logon->network->challenge); + if (!NT_STATUS_IS_OK(status)) { return status; } @@ -934,11 +922,11 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, if (!make_user_info_netlogon_network(&user_info, nt_username, nt_domain, wksname, - ctr->auth.id2.param_ctrl, - ctr->auth.id2.lm_chal_resp.buffer, - ctr->auth.id2.lm_chal_resp.str_str_len, - ctr->auth.id2.nt_chal_resp.buffer, - ctr->auth.id2.nt_chal_resp.str_str_len)) { + logon->network->identity_info.parameter_control, + logon->network->lm.data, + logon->network->lm.length, + logon->network->nt.data, + logon->network->nt.length)) { status = NT_STATUS_NO_MEMORY; } break; @@ -960,10 +948,10 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, if (!make_user_info_netlogon_interactive(&user_info, nt_username, nt_domain, nt_workstation, - ctr->auth.id1.param_ctrl, + logon->password->identity_info.parameter_control, chal, - ctr->auth.id1.lm_owf.data, - ctr->auth.id1.nt_owf.data, + logon->password->lmpassword.hash, + logon->password->ntpassword.hash, p->dc->sess_key)) { status = NT_STATUS_NO_MEMORY; } @@ -982,7 +970,7 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, (auth_context->free)(&auth_context); free_user_info(&user_info); - DEBUG(5, ("_net_sam_logon: check_password returned status %s\n", + DEBUG(5,("_netr_LogonSamLogon: check_password returned status %s\n", nt_errstr(status))); /* Check account and password */ @@ -995,7 +983,7 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) && !strequal(nt_domain, get_global_sam_name()) && !is_trusted_domain(nt_domain) ) - r_u->auth_resp = 0; /* We are not authoritative */ + *r->out.authoritative = false; /* We are not authoritative */ TALLOC_FREE(server_info); return status; @@ -1003,7 +991,7 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, if (server_info->guest) { /* We don't like guest domain logons... */ - DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST " + DEBUG(5,("_netr_LogonSamLogon: Attempted domain logon as GUEST " "denied.\n")); TALLOC_FREE(server_info); return NT_STATUS_LOGON_FAILURE; @@ -1022,29 +1010,40 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, int num_gids = 0; const char *my_name; - unsigned char user_session_key[16]; - unsigned char lm_session_key[16]; + + struct netr_UserSessionKey user_session_key; + struct netr_LMSessionKey lm_session_key; unsigned char pipe_session_key[16]; - sampw = server_info->sam_account; + NTTIME last_logon, last_logoff, acct_expiry, last_password_change; + NTTIME allow_password_change, force_password_change; + struct samr_RidWithAttributeArray groups; + int i; + struct dom_sid2 *sid = NULL; - /* set up pointer indicating user/password failed to be - * found */ - usr_info->ptr_user_info = 0; + ZERO_STRUCT(user_session_key); + ZERO_STRUCT(lm_session_key); + + sampw = server_info->sam_account; user_sid = pdb_get_user_sid(sampw); group_sid = pdb_get_group_sid(sampw); if ((user_sid == NULL) || (group_sid == NULL)) { - DEBUG(1, ("_net_sam_logon: User without group or user SID\n")); + DEBUG(1, ("_netr_LogonSamLogon: User without group or user SID\n")); return NT_STATUS_UNSUCCESSFUL; } sid_copy(&domain_sid, user_sid); sid_split_rid(&domain_sid, &user_rid); + sid = sid_dup_talloc(p->mem_ctx, &domain_sid); + if (!sid) { + return NT_STATUS_NO_MEMORY; + } + if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) { - DEBUG(1, ("_net_sam_logon: user %s\\%s has user sid " + DEBUG(1, ("_netr_LogonSamLogon: user %s\\%s has user sid " "%s\n but group sid %s.\n" "The conflicting domain portions are not " "supported for NETLOGON calls\n", @@ -1071,9 +1070,9 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, } if (server_info->user_session_key.length) { - memcpy(user_session_key, + memcpy(user_session_key.key, server_info->user_session_key.data, - MIN(sizeof(user_session_key), + MIN(sizeof(user_session_key.key), server_info->user_session_key.length)); if (process_creds) { /* Get the pipe session key from the creds. */ @@ -1085,13 +1084,13 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, } memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16); } - SamOEMhash(user_session_key, pipe_session_key, 16); + SamOEMhash(user_session_key.key, pipe_session_key, 16); memset(pipe_session_key, '\0', 16); } if (server_info->lm_session_key.length) { - memcpy(lm_session_key, + memcpy(lm_session_key.key, server_info->lm_session_key.data, - MIN(sizeof(lm_session_key), + MIN(sizeof(lm_session_key.key), server_info->lm_session_key.length)); if (process_creds) { /* Get the pipe session key from the creds. */ @@ -1103,36 +1102,56 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, } memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16); } - SamOEMhash(lm_session_key, pipe_session_key, 16); + SamOEMhash(lm_session_key.key, pipe_session_key, 16); memset(pipe_session_key, '\0', 16); } - init_net_user_info3(p->mem_ctx, usr_info, - user_rid, - group_rid, - pdb_get_username(sampw), - pdb_get_fullname(sampw), - pdb_get_homedir(sampw), - pdb_get_dir_drive(sampw), - pdb_get_logon_script(sampw), - pdb_get_profile_path(sampw), - pdb_get_logon_time(sampw), - get_time_t_max(), - get_time_t_max(), - pdb_get_pass_last_set_time(sampw), - pdb_get_pass_can_change_time(sampw), - pdb_get_pass_must_change_time(sampw), - 0, /* logon_count */ - 0, /* bad_pw_count */ - num_gids, /* uint32 num_groups */ - gids , /* DOM_GID *gids */ - NETLOGON_EXTRA_SIDS, /* uint32 user_flgs (?) */ - pdb_get_acct_ctrl(sampw), - server_info->user_session_key.length ? user_session_key : NULL, - server_info->lm_session_key.length ? lm_session_key : NULL, - my_name , /* char *logon_srv */ - pdb_get_domain(sampw), - &domain_sid); /* DOM_SID *dom_sid */ + groups.count = num_gids; + groups.rids = TALLOC_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, + groups.count); + if (!groups.rids) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0; i < groups.count; i++) { + groups.rids[i].rid = gids[i].g_rid; + groups.rids[i].attributes = gids[i].attr; + } + + unix_to_nt_time(&last_logon, pdb_get_logon_time(sampw)); + unix_to_nt_time(&last_logoff, get_time_t_max()); + unix_to_nt_time(&acct_expiry, get_time_t_max()); + unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(sampw)); + unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(sampw)); + unix_to_nt_time(&force_password_change, pdb_get_pass_must_change_time(sampw)); + + init_netr_SamInfo3(sam3, + last_logon, + last_logoff, + acct_expiry, + last_password_change, + allow_password_change, + force_password_change, + talloc_strdup(p->mem_ctx, pdb_get_username(sampw)), + talloc_strdup(p->mem_ctx, pdb_get_fullname(sampw)), + talloc_strdup(p->mem_ctx, pdb_get_logon_script(sampw)), + talloc_strdup(p->mem_ctx, pdb_get_profile_path(sampw)), + talloc_strdup(p->mem_ctx, pdb_get_homedir(sampw)), + talloc_strdup(p->mem_ctx, pdb_get_dir_drive(sampw)), + 0, /* logon_count */ + 0, /* bad_password_count */ + user_rid, + group_rid, + groups, + NETLOGON_EXTRA_SIDS, + user_session_key, + my_name, + talloc_strdup(p->mem_ctx, pdb_get_domain(sampw)), + sid, + lm_session_key, + pdb_get_acct_ctrl(sampw), + 0, /* sidcount */ + NULL); /* struct netr_SidAttr *sids */ ZERO_STRUCT(user_session_key); ZERO_STRUCT(lm_session_key); } @@ -1141,25 +1160,14 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, } /************************************************************************* - _net_sam_logon - *************************************************************************/ - -NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_u) -{ - return _net_sam_logon_internal(p, q_u, r_u, True); -} - -/************************************************************************* - _net_sam_logon_ex - no credential chaining. Map into net sam logon. + _netr_LogonSamLogonEx + - no credential chaining. Map into net sam logon. *************************************************************************/ -NTSTATUS _net_sam_logon_ex(pipes_struct *p, NET_Q_SAM_LOGON_EX *q_u, NET_R_SAM_LOGON_EX *r_u) +NTSTATUS _netr_LogonSamLogonEx(pipes_struct *p, + struct netr_LogonSamLogonEx *r) { - NET_Q_SAM_LOGON q; - NET_R_SAM_LOGON r; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); + struct netr_LogonSamLogon q; /* Only allow this if the pipe is protected. */ if (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) { @@ -1168,26 +1176,20 @@ NTSTATUS _net_sam_logon_ex(pipes_struct *p, NET_Q_SAM_LOGON_EX *q_u, NET_R_SAM_L return NT_STATUS_INVALID_PARAMETER; } - /* Map a NET_Q_SAM_LOGON_EX to NET_Q_SAM_LOGON. */ - q.validation_level = q_u->validation_level; - - /* Map a DOM_SAM_INFO_EX into a DOM_SAM_INFO with no creds. */ - q.sam_id.client.login = q_u->sam_id.client; - q.sam_id.logon_level = q_u->sam_id.logon_level; - q.sam_id.ctr = q_u->sam_id.ctr; - - r_u->status = _net_sam_logon_internal(p, &q, &r, False); + q.in.server_name = r->in.server_name; + q.in.computer_name = r->in.computer_name; + q.in.logon_level = r->in.logon_level; + q.in.logon = r->in.logon; + q.in.validation_level = r->in.validation_level; + /* we do not handle the flags */ + /* = r->in.flags; */ - if (!NT_STATUS_IS_OK(r_u->status)) { - return r_u->status; - } + q.out.validation = r->out.validation; + q.out.authoritative = r->out.authoritative; + /* we do not handle the flags */ + /* = r->out.flags; */ - /* Map the NET_R_SAM_LOGON to NET_R_SAM_LOGON_EX. */ - r_u->switch_value = r.switch_value; - r_u->user = r.user; - r_u->auth_resp = r.auth_resp; - r_u->flags = 0; /* FIXME ! */ - return r_u->status; + return _netr_LogonSamLogon(p, &q); } /************************************************************************* @@ -1233,26 +1235,6 @@ WERROR _netr_LogonUasLogoff(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _netr_LogonSamLogon(pipes_struct *p, - struct netr_LogonSamLogon *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _netr_LogonSamLogoff(pipes_struct *p, - struct netr_LogonSamLogoff *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _netr_DatabaseDeltas(pipes_struct *p, struct netr_DatabaseDeltas *r) { @@ -1313,16 +1295,6 @@ WERROR _netr_GetAnyDCName(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, - struct netr_ServerAuthenticate2 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _netr_DatabaseSync2(pipes_struct *p, struct netr_DatabaseSync2 *r) { @@ -1543,16 +1515,6 @@ WERROR _netr_DsrGetDcSiteCoverageW(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _netr_LogonSamLogonEx(pipes_struct *p, - struct netr_LogonSamLogonEx *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - WERROR _netr_DsrEnumerateDomainTrusts(pipes_struct *p, struct netr_DsrEnumerateDomainTrusts *r) { diff --git a/source3/rpc_server/srv_ntsvcs.c b/source3/rpc_server/srv_ntsvcs.c index b3e93ac459..12fffc3e96 100644 --- a/source3/rpc_server/srv_ntsvcs.c +++ b/source3/rpc_server/srv_ntsvcs.c @@ -25,49 +25,38 @@ /******************************************************************* ********************************************************************/ -static bool api_ntsvcs_get_version(pipes_struct *p) +static bool proxy_ntsvcs_call(pipes_struct *p, uint8_t opnum) { - NTSVCS_Q_GET_VERSION q_u; - NTSVCS_R_GET_VERSION r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); + struct api_struct *fns; + int n_fns; - if(!ntsvcs_io_q_get_version("", &q_u, data, 0)) - return False; + ntsvcs_get_pipe_fns(&fns, &n_fns); - r_u.status = _ntsvcs_get_version(p, &q_u, &r_u); + if (opnum >= n_fns) { + return false; + } - if(!ntsvcs_io_r_get_version("", &r_u, rdata, 0)) - return False; + if (fns[opnum].opnum != opnum) { + smb_panic("NTSVCS function table not sorted"); + } - return True; + return fns[opnum].fn(p); } /******************************************************************* ********************************************************************/ -static bool api_ntsvcs_get_device_list_size(pipes_struct *p) +static bool api_ntsvcs_get_version(pipes_struct *p) { - NTSVCS_Q_GET_DEVICE_LIST_SIZE q_u; - NTSVCS_R_GET_DEVICE_LIST_SIZE r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!ntsvcs_io_q_get_device_list_size("", &q_u, data, 0)) - return False; - - r_u.status = _ntsvcs_get_device_list_size(p, &q_u, &r_u); + return proxy_ntsvcs_call(p, NDR_PNP_GETVERSION); +} - if(!ntsvcs_io_r_get_device_list_size("", &r_u, rdata, 0)) - return False; +/******************************************************************* + ********************************************************************/ - return True; +static bool api_ntsvcs_get_device_list_size(pipes_struct *p) +{ + return proxy_ntsvcs_call(p, NDR_PNP_GETDEVICELISTSIZE); } /******************************************************************* @@ -99,23 +88,7 @@ static bool api_ntsvcs_get_device_list(pipes_struct *p) static bool api_ntsvcs_validate_device_instance(pipes_struct *p) { - NTSVCS_Q_VALIDATE_DEVICE_INSTANCE q_u; - NTSVCS_R_VALIDATE_DEVICE_INSTANCE r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!ntsvcs_io_q_validate_device_instance("", &q_u, data, 0)) - return False; - - r_u.status = _ntsvcs_validate_device_instance(p, &q_u, &r_u); - - if(!ntsvcs_io_r_validate_device_instance("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_ntsvcs_call(p, NDR_PNP_VALIDATEDEVICEINSTANCE); } /******************************************************************* @@ -147,23 +120,7 @@ static bool api_ntsvcs_get_device_reg_property(pipes_struct *p) static bool api_ntsvcs_get_hw_profile_info(pipes_struct *p) { - NTSVCS_Q_GET_HW_PROFILE_INFO q_u; - NTSVCS_R_GET_HW_PROFILE_INFO r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!ntsvcs_io_q_get_hw_profile_info("", &q_u, data, 0)) - return False; - - r_u.status = _ntsvcs_get_hw_profile_info(p, &q_u, &r_u); - - if(!ntsvcs_io_r_get_hw_profile_info("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_ntsvcs_call(p, NDR_PNP_GETHWPROFINFO); } /******************************************************************* @@ -171,23 +128,7 @@ static bool api_ntsvcs_get_hw_profile_info(pipes_struct *p) static bool api_ntsvcs_hw_profile_flags(pipes_struct *p) { - NTSVCS_Q_HW_PROFILE_FLAGS q_u; - NTSVCS_R_HW_PROFILE_FLAGS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!ntsvcs_io_q_hw_profile_flags("", &q_u, data, 0)) - return False; - - r_u.status = _ntsvcs_hw_profile_flags(p, &q_u, &r_u); - - if(!ntsvcs_io_r_hw_profile_flags("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_ntsvcs_call(p, NDR_PNP_HWPROFFLAGS); } /******************************************************************* @@ -206,13 +147,13 @@ static struct api_struct api_ntsvcs_cmds[] = }; -void ntsvcs_get_pipe_fns( struct api_struct **fns, int *n_fns ) +void ntsvcs2_get_pipe_fns( struct api_struct **fns, int *n_fns ) { *fns = api_ntsvcs_cmds; *n_fns = sizeof(api_ntsvcs_cmds) / sizeof(struct api_struct); } -NTSTATUS rpc_ntsvcs_init(void) +NTSTATUS rpc_ntsvcs2_init(void) { return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "ntsvcs", "ntsvcs", api_ntsvcs_cmds, sizeof(api_ntsvcs_cmds) / sizeof(struct api_struct)); diff --git a/source3/rpc_server/srv_ntsvcs_nt.c b/source3/rpc_server/srv_ntsvcs_nt.c index 16c74c5d6d..11ea5d0cd1 100644 --- a/source3/rpc_server/srv_ntsvcs_nt.c +++ b/source3/rpc_server/srv_ntsvcs_nt.c @@ -34,31 +34,31 @@ static char* get_device_path(TALLOC_CTX *mem_ctx, const char *device ) /******************************************************************** ********************************************************************/ -WERROR _ntsvcs_get_version( pipes_struct *p, NTSVCS_Q_GET_VERSION *q_u, NTSVCS_R_GET_VERSION *r_u ) +WERROR _PNP_GetVersion(pipes_struct *p, + struct PNP_GetVersion *r) { - r_u->version = 0x00000400; /* no idea what this means */ - + *r->out.version = 0x0400; /* no idea what this means */ + return WERR_OK; } /******************************************************************** ********************************************************************/ -WERROR _ntsvcs_get_device_list_size( pipes_struct *p, NTSVCS_Q_GET_DEVICE_LIST_SIZE *q_u, NTSVCS_R_GET_DEVICE_LIST_SIZE *r_u ) +WERROR _PNP_GetDeviceListSize(pipes_struct *p, + struct PNP_GetDeviceListSize *r) { - fstring device; char *devicepath; - if ( !q_u->devicename ) + if (!r->in.devicename) { return WERR_ACCESS_DENIED; + } - rpcstr_pull(device, q_u->devicename->buffer, sizeof(device), q_u->devicename->uni_str_len*2, 0); - - if (!(devicepath = get_device_path(p->mem_ctx, device))) { + if (!(devicepath = get_device_path(p->mem_ctx, r->in.devicename))) { return WERR_NOMEM; } - r_u->size = strlen(devicepath) + 2; + *r->out.size = strlen(devicepath) + 2; TALLOC_FREE(devicepath); @@ -143,7 +143,8 @@ WERROR _ntsvcs_get_device_reg_property( pipes_struct *p, NTSVCS_Q_GET_DEVICE_REG /******************************************************************** ********************************************************************/ -WERROR _ntsvcs_validate_device_instance( pipes_struct *p, NTSVCS_Q_VALIDATE_DEVICE_INSTANCE *q_u, NTSVCS_R_VALIDATE_DEVICE_INSTANCE *r_u ) +WERROR _PNP_ValidateDeviceInstance(pipes_struct *p, + struct PNP_ValidateDeviceInstance *r) { /* whatever dude */ return WERR_OK; @@ -152,12 +153,12 @@ WERROR _ntsvcs_validate_device_instance( pipes_struct *p, NTSVCS_Q_VALIDATE_DEVI /******************************************************************** ********************************************************************/ -WERROR _ntsvcs_get_hw_profile_info( pipes_struct *p, NTSVCS_Q_GET_HW_PROFILE_INFO *q_u, NTSVCS_R_GET_HW_PROFILE_INFO *r_u ) +WERROR _PNP_GetHwProfInfo(pipes_struct *p, + struct PNP_GetHwProfInfo *r) { /* steal the incoming buffer */ - r_u->buffer_size = q_u->buffer_size; - r_u->buffer = q_u->buffer; + r->out.info = r->in.info; /* Take the 5th Ammentment */ @@ -167,10 +168,611 @@ WERROR _ntsvcs_get_hw_profile_info( pipes_struct *p, NTSVCS_Q_GET_HW_PROFILE_INF /******************************************************************** ********************************************************************/ -WERROR _ntsvcs_hw_profile_flags( pipes_struct *p, NTSVCS_Q_HW_PROFILE_FLAGS *q_u, NTSVCS_R_HW_PROFILE_FLAGS *r_u ) -{ +WERROR _PNP_HwProfFlags(pipes_struct *p, + struct PNP_HwProfFlags *r) +{ /* just nod your head */ - + return WERR_OK; } +/**************************************************************** +****************************************************************/ + +WERROR _PNP_Disconnect(pipes_struct *p, + struct PNP_Disconnect *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_Connect(pipes_struct *p, + struct PNP_Connect *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetGlobalState(pipes_struct *p, + struct PNP_GetGlobalState *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_InitDetection(pipes_struct *p, + struct PNP_InitDetection *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_ReportLogOn(pipes_struct *p, + struct PNP_ReportLogOn *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetRootDeviceInstance(pipes_struct *p, + struct PNP_GetRootDeviceInstance *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetRelatedDeviceInstance(pipes_struct *p, + struct PNP_GetRelatedDeviceInstance *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_EnumerateSubKeys(pipes_struct *p, + struct PNP_EnumerateSubKeys *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetDeviceList(pipes_struct *p, + struct PNP_GetDeviceList *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetDepth(pipes_struct *p, + struct PNP_GetDepth *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetDeviceRegProp(pipes_struct *p, + struct PNP_GetDeviceRegProp *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_SetDeviceRegProp(pipes_struct *p, + struct PNP_SetDeviceRegProp *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetClassInstance(pipes_struct *p, + struct PNP_GetClassInstance *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_CreateKey(pipes_struct *p, + struct PNP_CreateKey *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_DeleteRegistryKey(pipes_struct *p, + struct PNP_DeleteRegistryKey *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetClassCount(pipes_struct *p, + struct PNP_GetClassCount *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetClassName(pipes_struct *p, + struct PNP_GetClassName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_DeleteClassKey(pipes_struct *p, + struct PNP_DeleteClassKey *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetInterfaceDeviceAlias(pipes_struct *p, + struct PNP_GetInterfaceDeviceAlias *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetInterfaceDeviceList(pipes_struct *p, + struct PNP_GetInterfaceDeviceList *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetInterfaceDeviceListSize(pipes_struct *p, + struct PNP_GetInterfaceDeviceListSize *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_RegisterDeviceClassAssociation(pipes_struct *p, + struct PNP_RegisterDeviceClassAssociation *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_UnregisterDeviceClassAssociation(pipes_struct *p, + struct PNP_UnregisterDeviceClassAssociation *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetClassRegProp(pipes_struct *p, + struct PNP_GetClassRegProp *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_SetClassRegProp(pipes_struct *p, + struct PNP_SetClassRegProp *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_CreateDevInst(pipes_struct *p, + struct PNP_CreateDevInst *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_DeviceInstanceAction(pipes_struct *p, + struct PNP_DeviceInstanceAction *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetDeviceStatus(pipes_struct *p, + struct PNP_GetDeviceStatus *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_SetDeviceProblem(pipes_struct *p, + struct PNP_SetDeviceProblem *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_DisableDevInst(pipes_struct *p, + struct PNP_DisableDevInst *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_UninstallDevInst(pipes_struct *p, + struct PNP_UninstallDevInst *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_AddID(pipes_struct *p, + struct PNP_AddID *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_RegisterDriver(pipes_struct *p, + struct PNP_RegisterDriver *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_QueryRemove(pipes_struct *p, + struct PNP_QueryRemove *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_RequestDeviceEject(pipes_struct *p, + struct PNP_RequestDeviceEject *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_IsDockStationPresent(pipes_struct *p, + struct PNP_IsDockStationPresent *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_RequestEjectPC(pipes_struct *p, + struct PNP_RequestEjectPC *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_AddEmptyLogConf(pipes_struct *p, + struct PNP_AddEmptyLogConf *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_FreeLogConf(pipes_struct *p, + struct PNP_FreeLogConf *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetFirstLogConf(pipes_struct *p, + struct PNP_GetFirstLogConf *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetNextLogConf(pipes_struct *p, + struct PNP_GetNextLogConf *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetLogConfPriority(pipes_struct *p, + struct PNP_GetLogConfPriority *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_AddResDes(pipes_struct *p, + struct PNP_AddResDes *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_FreeResDes(pipes_struct *p, + struct PNP_FreeResDes *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetNextResDes(pipes_struct *p, + struct PNP_GetNextResDes *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetResDesData(pipes_struct *p, + struct PNP_GetResDesData *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetResDesDataSize(pipes_struct *p, + struct PNP_GetResDesDataSize *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_ModifyResDes(pipes_struct *p, + struct PNP_ModifyResDes *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_DetectResourceLimit(pipes_struct *p, + struct PNP_DetectResourceLimit *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_QueryResConfList(pipes_struct *p, + struct PNP_QueryResConfList *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_SetHwProf(pipes_struct *p, + struct PNP_SetHwProf *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_QueryArbitratorFreeData(pipes_struct *p, + struct PNP_QueryArbitratorFreeData *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_QueryArbitratorFreeSize(pipes_struct *p, + struct PNP_QueryArbitratorFreeSize *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_RunDetection(pipes_struct *p, + struct PNP_RunDetection *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_RegisterNotification(pipes_struct *p, + struct PNP_RegisterNotification *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_UnregisterNotification(pipes_struct *p, + struct PNP_UnregisterNotification *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetCustomDevProp(pipes_struct *p, + struct PNP_GetCustomDevProp *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetVersionInternal(pipes_struct *p, + struct PNP_GetVersionInternal *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetBlockedDriverInfo(pipes_struct *p, + struct PNP_GetBlockedDriverInfo *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _PNP_GetServerSideDeviceInstallFlags(pipes_struct *p, + struct PNP_GetServerSideDeviceInstallFlags *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index a671f89238..4d066a6b7a 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -2376,7 +2376,7 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) switch ( idx ) { case PI_LSARPC: - lsa_get_pipe_fns( &cmds, &n_cmds ); + lsarpc_get_pipe_fns( &cmds, &n_cmds ); break; case PI_DSSETUP: dssetup_get_pipe_fns( &cmds, &n_cmds ); @@ -2385,7 +2385,7 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) samr_get_pipe_fns( &cmds, &n_cmds ); break; case PI_NETLOGON: - netlog_get_pipe_fns( &cmds, &n_cmds ); + netlogon_get_pipe_fns( &cmds, &n_cmds ); break; case PI_SRVSVC: srvsvc2_get_pipe_fns( &cmds, &n_cmds ); @@ -2409,7 +2409,7 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) eventlog2_get_pipe_fns( &cmds, &n_cmds ); break; case PI_NTSVCS: - ntsvcs_get_pipe_fns( &cmds, &n_cmds ); + ntsvcs2_get_pipe_fns( &cmds, &n_cmds ); break; #ifdef DEVELOPER case PI_RPCECHO: diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 0db74c2a1b..df7bb9b206 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2535,10 +2535,10 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, logon_hours, pdb_get_bad_password_count(pw), pdb_get_logon_count(pw), - 0, //country_code, - 0, //code_page, - 0, //nt_password_set, - 0, //lm_password_set, + 0, /* country_code */ + 0, /* code_page */ + 0, /* nt_password_set */ + 0, /* lm_password_set */ password_expired); TALLOC_FREE(pw); diff --git a/source3/rpc_server/srv_svcctl.c b/source3/rpc_server/srv_svcctl.c index ce81a24202..565c93fa77 100644 --- a/source3/rpc_server/srv_svcctl.c +++ b/source3/rpc_server/srv_svcctl.c @@ -53,23 +53,7 @@ static bool api_svcctl_close_service(pipes_struct *p) static bool api_svcctl_open_scmanager(pipes_struct *p) { - SVCCTL_Q_OPEN_SCMANAGER q_u; - SVCCTL_R_OPEN_SCMANAGER r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_open_scmanager("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_open_scmanager(p, &q_u, &r_u); - - if(!svcctl_io_r_open_scmanager("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_OPENSCMANAGERW); } /******************************************************************* @@ -77,23 +61,7 @@ static bool api_svcctl_open_scmanager(pipes_struct *p) static bool api_svcctl_open_service(pipes_struct *p) { - SVCCTL_Q_OPEN_SERVICE q_u; - SVCCTL_R_OPEN_SERVICE r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_open_service("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_open_service(p, &q_u, &r_u); - - if(!svcctl_io_r_open_service("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_OPENSERVICEW); } /******************************************************************* @@ -101,23 +69,7 @@ static bool api_svcctl_open_service(pipes_struct *p) static bool api_svcctl_get_display_name(pipes_struct *p) { - SVCCTL_Q_GET_DISPLAY_NAME q_u; - SVCCTL_R_GET_DISPLAY_NAME r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_get_display_name("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_get_display_name(p, &q_u, &r_u); - - if(!svcctl_io_r_get_display_name("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_GETSERVICEDISPLAYNAMEW); } /******************************************************************* @@ -125,23 +77,7 @@ static bool api_svcctl_get_display_name(pipes_struct *p) static bool api_svcctl_query_status(pipes_struct *p) { - SVCCTL_Q_QUERY_STATUS q_u; - SVCCTL_R_QUERY_STATUS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_query_status("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_query_status(p, &q_u, &r_u); - - if(!svcctl_io_r_query_status("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_QUERYSERVICESTATUS); } /******************************************************************* @@ -219,23 +155,7 @@ static bool api_svcctl_enum_dependent_services(pipes_struct *p) static bool api_svcctl_start_service(pipes_struct *p) { - SVCCTL_Q_START_SERVICE q_u; - SVCCTL_R_START_SERVICE r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_start_service("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_start_service(p, &q_u, &r_u); - - if(!svcctl_io_r_start_service("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_STARTSERVICEW); } /******************************************************************* @@ -243,23 +163,7 @@ static bool api_svcctl_start_service(pipes_struct *p) static bool api_svcctl_control_service(pipes_struct *p) { - SVCCTL_Q_CONTROL_SERVICE q_u; - SVCCTL_R_CONTROL_SERVICE r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_control_service("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_control_service(p, &q_u, &r_u); - - if(!svcctl_io_r_control_service("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_CONTROLSERVICE); } /******************************************************************* @@ -315,23 +219,7 @@ static bool api_svcctl_query_service_config2(pipes_struct *p) static bool api_svcctl_lock_service_db(pipes_struct *p) { - SVCCTL_Q_LOCK_SERVICE_DB q_u; - SVCCTL_R_LOCK_SERVICE_DB r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_lock_service_db("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_lock_service_db(p, &q_u, &r_u); - - if(!svcctl_io_r_lock_service_db("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_LOCKSERVICEDATABASE); } @@ -340,23 +228,7 @@ static bool api_svcctl_lock_service_db(pipes_struct *p) static bool api_svcctl_unlock_service_db(pipes_struct *p) { - SVCCTL_Q_UNLOCK_SERVICE_DB q_u; - SVCCTL_R_UNLOCK_SERVICE_DB r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!svcctl_io_q_unlock_service_db("", &q_u, data, 0)) - return False; - - r_u.status = _svcctl_unlock_service_db(p, &q_u, &r_u); - - if(!svcctl_io_r_unlock_service_db("", &r_u, rdata, 0)) - return False; - - return True; + return proxy_svcctl_call(p, NDR_SVCCTL_UNLOCKSERVICEDATABASE); } /******************************************************************* diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index ac45d8bf75..53154ef0c9 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -1,22 +1,22 @@ -/* +/* * Unix SMB/CIFS implementation. * RPC Pipe client / server routines * * Copyright (C) Marcin Krzysztof Porwit 2005. - * + * * Largely Rewritten (Again) by: * Copyright (C) Gerald (Jerry) Carter 2005. - * + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, see <http://www.gnu.org/licenses/>. */ @@ -63,42 +63,42 @@ bool init_service_op_table( void ) const char **service_list = lp_svcctl_list(); int num_services = SVCCTL_NUM_INTERNAL_SERVICES + str_list_count( service_list ); int i; - + if ( !(svcctl_ops = TALLOC_ARRAY( NULL, struct service_control_op, num_services+1)) ) { DEBUG(0,("init_service_op_table: talloc() failed!\n")); return False; } /* services listed in smb.conf get the rc.init interface */ - + for ( i=0; service_list && service_list[i]; i++ ) { svcctl_ops[i].name = talloc_strdup( svcctl_ops, service_list[i] ); svcctl_ops[i].ops = &rcinit_svc_ops; } - + /* add builtin services */ - + svcctl_ops[i].name = talloc_strdup( svcctl_ops, "Spooler" ); svcctl_ops[i].ops = &spoolss_svc_ops; i++; - + svcctl_ops[i].name = talloc_strdup( svcctl_ops, "NETLOGON" ); svcctl_ops[i].ops = &netlogon_svc_ops; i++; - + svcctl_ops[i].name = talloc_strdup( svcctl_ops, "RemoteRegistry" ); svcctl_ops[i].ops = &winreg_svc_ops; i++; - + svcctl_ops[i].name = talloc_strdup( svcctl_ops, "WINS" ); svcctl_ops[i].ops = &wins_svc_ops; i++; - + /* NULL terminate the array */ - + svcctl_ops[i].name = NULL; svcctl_ops[i].ops = NULL; - + return True; } @@ -119,7 +119,7 @@ static struct service_control_op* find_service_by_name( const char *name ) /******************************************************************** ********************************************************************/ -static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, +static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, uint32 access_desired, uint32 *access_granted ) { NTSTATUS result; @@ -128,7 +128,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, DEBUG(5,("svcctl_access_check: using root's token\n")); token = get_root_nt_token(); } - + se_access_check( sec_desc, token, access_desired, access_granted, &result ); return result; @@ -139,7 +139,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) { - SEC_ACE ace[2]; + SEC_ACE ace[2]; SEC_ACCESS mask; size_t i = 0; SEC_DESC *sd; @@ -147,18 +147,18 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) size_t sd_size; /* basic access for Everyone */ - + init_sec_access(&mask, SC_MANAGER_READ_ACCESS ); init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - + /* Full Access 'BUILTIN\Administrators' */ - + init_sec_access(&mask,SC_MANAGER_ALL_ACCESS ); init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - - + + /* create the security descriptor */ - + if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) ) return NULL; @@ -173,7 +173,7 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) /****************************************************************** free() function for REGISTRY_KEY *****************************************************************/ - + static void free_service_handle_info(void *ptr) { TALLOC_FREE( ptr ); @@ -197,21 +197,21 @@ static SERVICE_INFO *find_service_info_by_hnd(pipes_struct *p, POLICY_HND *hnd) /****************************************************************** *****************************************************************/ - + static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, uint32 type, const char *service, uint32 access_granted ) { SERVICE_INFO *info = NULL; WERROR result = WERR_OK; struct service_control_op *s_op; - + if ( !(info = TALLOC_ZERO_P( NULL, SERVICE_INFO )) ) return WERR_NOMEM; /* the Service Manager has a NULL name */ - + info->type = SVC_HANDLE_IS_SCM; - + switch ( type ) { case SVC_HANDLE_IS_SCM: info->type = SVC_HANDLE_IS_SCM; @@ -220,17 +220,17 @@ static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, u case SVC_HANDLE_IS_DBLOCK: info->type = SVC_HANDLE_IS_DBLOCK; break; - + case SVC_HANDLE_IS_SERVICE: info->type = SVC_HANDLE_IS_SERVICE; - + /* lookup the SERVICE_CONTROL_OPS */ if ( !(s_op = find_service_by_name( service )) ) { result = WERR_NO_SUCH_SERVICE; goto done; } - + info->ops = s_op->ops; if ( !(info->name = talloc_strdup( info, s_op->name )) ) { @@ -244,15 +244,15 @@ static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, u goto done; } - info->access_granted = access_granted; - + info->access_granted = access_granted; + /* store the SERVICE_INFO and create an open handle */ - + if ( !create_policy_hnd( p, handle, free_service_handle_info, info ) ) { result = WERR_ACCESS_DENIED; goto done; } - + done: if ( !W_ERROR_IS_OK(result) ) free_service_handle_info( info ); @@ -263,62 +263,61 @@ done: /******************************************************************** ********************************************************************/ -WERROR _svcctl_open_scmanager(pipes_struct *p, SVCCTL_Q_OPEN_SCMANAGER *q_u, SVCCTL_R_OPEN_SCMANAGER *r_u) +WERROR _svcctl_OpenSCManagerW(pipes_struct *p, + struct svcctl_OpenSCManagerW *r) { SEC_DESC *sec_desc; uint32 access_granted = 0; NTSTATUS status; - + /* perform access checks */ - + if ( !(sec_desc = construct_scm_sd( p->mem_ctx )) ) return WERR_NOMEM; - - se_map_generic( &q_u->access, &scm_generic_map ); - status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, q_u->access, &access_granted ); + + se_map_generic( &r->in.access_mask, &scm_generic_map ); + status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, r->in.access_mask, &access_granted ); if ( !NT_STATUS_IS_OK(status) ) return ntstatus_to_werror( status ); - - return create_open_service_handle( p, &r_u->handle, SVC_HANDLE_IS_SCM, NULL, access_granted ); + + return create_open_service_handle( p, r->out.handle, SVC_HANDLE_IS_SCM, NULL, access_granted ); } /******************************************************************** + _svcctl_OpenServiceW ********************************************************************/ -WERROR _svcctl_open_service(pipes_struct *p, SVCCTL_Q_OPEN_SERVICE *q_u, SVCCTL_R_OPEN_SERVICE *r_u) +WERROR _svcctl_OpenServiceW(pipes_struct *p, + struct svcctl_OpenServiceW *r) { SEC_DESC *sec_desc; uint32 access_granted = 0; NTSTATUS status; - char *service = NULL; - size_t ret = rpcstr_pull_talloc(p->mem_ctx, - &service, - q_u->servicename.buffer, - q_u->servicename.uni_str_len*2, - 0); - - if (ret == (size_t)-1 || !service) { + const char *service = NULL; + + service = r->in.ServiceName; + if (!service) { return WERR_NOMEM; } - DEBUG(5, ("_svcctl_open_service: Attempting to open Service [%s], \n", service)); + DEBUG(5, ("_svcctl_OpenServiceW: Attempting to open Service [%s], \n", service)); /* based on my tests you can open a service if you have a valid scm handle */ - if ( !find_service_info_by_hnd( p, &q_u->handle ) ) + if ( !find_service_info_by_hnd( p, r->in.scmanager_handle) ) return WERR_BADFID; - /* perform access checks. Use the root token in order to ensure that we + /* perform access checks. Use the root token in order to ensure that we retrieve the security descriptor */ if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, service, get_root_nt_token() )) ) return WERR_NOMEM; - se_map_generic( &q_u->access, &svc_generic_map ); - status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, q_u->access, &access_granted ); + se_map_generic( &r->in.access_mask, &svc_generic_map ); + status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, r->in.access_mask, &access_granted ); if ( !NT_STATUS_IS_OK(status) ) return ntstatus_to_werror( status ); - return create_open_service_handle( p, &r_u->handle, SVC_HANDLE_IS_SERVICE, service, access_granted ); + return create_open_service_handle( p, r->out.handle, SVC_HANDLE_IS_SERVICE, service, access_granted ); } /******************************************************************** @@ -329,49 +328,58 @@ WERROR _svcctl_CloseServiceHandle(pipes_struct *p, struct svcctl_CloseServiceHan if ( !close_policy_hnd( p, r->in.handle ) ) return WERR_BADFID; - return WERR_OK; + return WERR_OK; } /******************************************************************** + _svcctl_GetServiceDisplayNameW ********************************************************************/ -WERROR _svcctl_get_display_name(pipes_struct *p, SVCCTL_Q_GET_DISPLAY_NAME *q_u, SVCCTL_R_GET_DISPLAY_NAME *r_u) +WERROR _svcctl_GetServiceDisplayNameW(pipes_struct *p, + struct svcctl_GetServiceDisplayNameW *r) { - fstring service; + const char *service; const char *display_name; - SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); - + SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); + /* can only use an SCM handle here */ - + if ( !info || (info->type != SVC_HANDLE_IS_SCM) ) return WERR_BADFID; - - rpcstr_pull(service, q_u->servicename.buffer, sizeof(service), q_u->servicename.uni_str_len*2, 0); - + + service = r->in.service_name; + display_name = svcctl_lookup_dispname(p->mem_ctx, service, p->pipe_user.nt_user_token ); - init_svcctl_r_get_display_name( r_u, display_name ? display_name : ""); + if (!display_name) { + display_name = ""; + } + + *r->out.display_name = display_name; + *r->out.display_name_length = strlen(display_name); return WERR_OK; } /******************************************************************** + _svcctl_QueryServiceStatus ********************************************************************/ -WERROR _svcctl_query_status(pipes_struct *p, SVCCTL_Q_QUERY_STATUS *q_u, SVCCTL_R_QUERY_STATUS *r_u) +WERROR _svcctl_QueryServiceStatus(pipes_struct *p, + struct svcctl_QueryServiceStatus *r) { - SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); - + SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) return WERR_BADFID; - + if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) ) return WERR_ACCESS_DENIED; - + /* try the service specific status call */ - return info->ops->service_status( info->name, &r_u->svc_status ); + return info->ops->service_status( info->name, r->out.service_status ); } /******************************************************************** @@ -383,7 +391,7 @@ static int enumerate_status( TALLOC_CTX *ctx, ENUM_SERVICES_STATUS **status, NT_ int i; ENUM_SERVICES_STATUS *st; const char *display_name; - + /* just count */ while ( svcctl_ops[num_services].name ) num_services++; @@ -392,16 +400,16 @@ static int enumerate_status( TALLOC_CTX *ctx, ENUM_SERVICES_STATUS **status, NT_ DEBUG(0,("enumerate_status: talloc() failed!\n")); return -1; } - + for ( i=0; i<num_services; i++ ) { init_unistr( &st[i].servicename, svcctl_ops[i].name ); - + display_name = svcctl_lookup_dispname(ctx, svcctl_ops[i].name, token ); init_unistr( &st[i].displayname, display_name ? display_name : ""); - + svcctl_ops[i].ops->service_status( svcctl_ops[i].name, &st[i].status ); } - + *status = st; return num_services; @@ -419,12 +427,12 @@ WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STAT WERROR result = WERR_OK; SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); NT_USER_TOKEN *token = p->pipe_user.nt_user_token; - + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SCM) ) return WERR_BADFID; - + if ( !(info->access_granted & SC_RIGHT_MGR_ENUMERATE_SERVICE) ) { return WERR_ACCESS_DENIED; } @@ -464,51 +472,57 @@ WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STAT } /******************************************************************** + _svcctl_StartServiceW ********************************************************************/ -WERROR _svcctl_start_service(pipes_struct *p, SVCCTL_Q_START_SERVICE *q_u, SVCCTL_R_START_SERVICE *r_u) +WERROR _svcctl_StartServiceW(pipes_struct *p, + struct svcctl_StartServiceW *r) { - SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); - + SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) return WERR_BADFID; - + if ( !(info->access_granted & SC_RIGHT_SVC_START) ) return WERR_ACCESS_DENIED; - + return info->ops->start_service( info->name ); } /******************************************************************** + _svcctl_ControlService ********************************************************************/ -WERROR _svcctl_control_service(pipes_struct *p, SVCCTL_Q_CONTROL_SERVICE *q_u, SVCCTL_R_CONTROL_SERVICE *r_u) +WERROR _svcctl_ControlService(pipes_struct *p, + struct svcctl_ControlService *r) { - SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); - + SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); + /* perform access checks */ - + if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) - return WERR_BADFID; - - switch ( q_u->control ) { + return WERR_BADFID; + + switch ( r->in.control ) { case SVCCTL_CONTROL_STOP: if ( !(info->access_granted & SC_RIGHT_SVC_STOP) ) return WERR_ACCESS_DENIED; - - return info->ops->stop_service( info->name, &r_u->svc_status ); - + + return info->ops->stop_service( info->name, + r->out.service_status ); + case SVCCTL_CONTROL_INTERROGATE: if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) ) return WERR_ACCESS_DENIED; - - return info->ops->service_status( info->name, &r_u->svc_status ); + + return info->ops->service_status( info->name, + r->out.service_status ); } - + /* default control action */ - + return WERR_ACCESS_DENIED; } @@ -518,22 +532,22 @@ WERROR _svcctl_control_service(pipes_struct *p, SVCCTL_Q_CONTROL_SERVICE *q_u, S WERROR _svcctl_enum_dependent_services( pipes_struct *p, SVCCTL_Q_ENUM_DEPENDENT_SERVICES *q_u, SVCCTL_R_ENUM_DEPENDENT_SERVICES *r_u ) { SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); - + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) - return WERR_BADFID; - + return WERR_BADFID; + if ( !(info->access_granted & SC_RIGHT_SVC_ENUMERATE_DEPENDENTS) ) return WERR_ACCESS_DENIED; - - /* we have to set the outgoing buffer size to the same as the + + /* we have to set the outgoing buffer size to the same as the incoming buffer size (even in the case of failure */ rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx ); - + r_u->needed = q_u->buffer_size; - + /* no dependent services...basically a stub function */ r_u->returned = 0; @@ -547,21 +561,21 @@ WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_ { SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); uint32 buffer_size; - + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) - return WERR_BADFID; - + return WERR_BADFID; + if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) ) return WERR_ACCESS_DENIED; - /* we have to set the outgoing buffer size to the same as the + /* we have to set the outgoing buffer size to the same as the incoming buffer size (even in the case of failure) */ rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx ); r_u->needed = q_u->buffer_size; - + switch ( q_u->level ) { case SVC_STATUS_PROCESS_INFO: { @@ -576,18 +590,18 @@ WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_ buffer_size = sizeof(SERVICE_STATUS_PROCESS); break; } - + default: - return WERR_UNKNOWN_LEVEL; + return WERR_UNKNOWN_LEVEL; } - + buffer_size += buffer_size % 4; r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size; - if (buffer_size > q_u->buffer_size ) + if (buffer_size > q_u->buffer_size ) return WERR_MORE_DATA; - + return WERR_OK; } @@ -600,12 +614,12 @@ static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name, SERVICE_CONFIG REGISTRY_VALUE *val; /* retrieve the registry values for this service */ - + if ( !(values = svcctl_fetch_regvalues( name, token )) ) return WERR_REG_CORRUPT; - + /* now fill in the individual values */ - + config->displayname = TALLOC_ZERO_P( ctx, UNISTR2 ); if ( (val = regval_ctr_getvalue( values, "DisplayName" )) != NULL ) init_unistr2( config->displayname, regval_sz( val ), UNI_STR_TERMINATE ); @@ -613,23 +627,23 @@ static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name, SERVICE_CONFIG init_unistr2( config->displayname, name, UNI_STR_TERMINATE ); if ( (val = regval_ctr_getvalue( values, "ObjectName" )) != NULL ) { - config->startname = TALLOC_ZERO_P( ctx, UNISTR2 ); + config->startname = TALLOC_ZERO_P( ctx, UNISTR2 ); init_unistr2( config->startname, regval_sz( val ), UNI_STR_TERMINATE ); } - + if ( (val = regval_ctr_getvalue( values, "ImagePath" )) != NULL ) { - config->executablepath = TALLOC_ZERO_P( ctx, UNISTR2 ); + config->executablepath = TALLOC_ZERO_P( ctx, UNISTR2 ); init_unistr2( config->executablepath, regval_sz( val ), UNI_STR_TERMINATE ); } /* a few hard coded values */ /* loadordergroup and dependencies are empty */ - + config->tag_id = 0x00000000; /* unassigned loadorder group */ config->service_type = SVCCTL_WIN32_OWN_PROC; config->error_control = SVCCTL_SVC_ERROR_NORMAL; - /* set the start type. NetLogon and WINS are disabled to prevent + /* set the start type. NetLogon and WINS are disabled to prevent the client from showing the "Start" button (if of course the services are not running */ @@ -639,7 +653,7 @@ static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name, SERVICE_CONFIG config->start_type = SVCCTL_DISABLED; else config->start_type = SVCCTL_DEMAND_START; - + TALLOC_FREE( values ); @@ -654,24 +668,24 @@ WERROR _svcctl_query_service_config( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CON SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); uint32 buffer_size; WERROR wresult; - + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) - return WERR_BADFID; - + return WERR_BADFID; + if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_CONFIG) ) return WERR_ACCESS_DENIED; - /* we have to set the outgoing buffer size to the same as the + /* we have to set the outgoing buffer size to the same as the incoming buffer size (even in the case of failure */ r_u->needed = q_u->buffer_size; - + wresult = fill_svc_config( p->mem_ctx, info->name, &r_u->config, p->pipe_user.nt_user_token ); if ( !W_ERROR_IS_OK(wresult) ) return wresult; - + buffer_size = svcctl_sizeof_service_config( &r_u->config ); r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size; @@ -679,7 +693,7 @@ WERROR _svcctl_query_service_config( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CON ZERO_STRUCTP( &r_u->config ); return WERR_INSUFFICIENT_BUFFER; } - + return WERR_OK; } @@ -750,38 +764,41 @@ WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CO } /******************************************************************** + _svcctl_LockServiceDatabase ********************************************************************/ -WERROR _svcctl_lock_service_db( pipes_struct *p, SVCCTL_Q_LOCK_SERVICE_DB *q_u, SVCCTL_R_LOCK_SERVICE_DB *r_u ) +WERROR _svcctl_LockServiceDatabase(pipes_struct *p, + struct svcctl_LockServiceDatabase *r) { - SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); - + SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SCM) ) - return WERR_BADFID; - + return WERR_BADFID; + if ( !(info->access_granted & SC_RIGHT_MGR_LOCK) ) return WERR_ACCESS_DENIED; /* Just open a handle. Doesn't actually lock anything */ - - return create_open_service_handle( p, &r_u->h_lock, SVC_HANDLE_IS_DBLOCK, NULL, 0 ); -; + + return create_open_service_handle( p, r->out.lock, SVC_HANDLE_IS_DBLOCK, NULL, 0 ); } /******************************************************************** + _svcctl_UnlockServiceDatabase ********************************************************************/ -WERROR _svcctl_unlock_service_db( pipes_struct *p, SVCCTL_Q_UNLOCK_SERVICE_DB *q_u, SVCCTL_R_UNLOCK_SERVICE_DB *r_u ) +WERROR _svcctl_UnlockServiceDatabase(pipes_struct *p, + struct svcctl_UnlockServiceDatabase *r) { - SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->h_lock ); + SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.lock ); if ( !info || (info->type != SVC_HANDLE_IS_DBLOCK) ) - return WERR_BADFID; - - return close_policy_hnd( p, &q_u->h_lock) ? WERR_OK : WERR_BADFID; + return WERR_BADFID; + + return close_policy_hnd( p, r->out.lock) ? WERR_OK : WERR_BADFID; } /******************************************************************** @@ -796,7 +813,7 @@ WERROR _svcctl_query_service_sec( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_SEC *q /* only support the SCM and individual services */ if ( !info || !(info->type & (SVC_HANDLE_IS_SERVICE|SVC_HANDLE_IS_SCM)) ) - return WERR_BADFID; + return WERR_BADFID; /* check access reights (according to MSDN) */ @@ -824,7 +841,7 @@ WERROR _svcctl_query_service_sec( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_SEC *q if ( !sec_io_desc("", &sec_desc, &r_u->buffer.prs, 0 ) ) return WERR_NOMEM; - + return WERR_OK; } @@ -843,298 +860,250 @@ WERROR _svcctl_set_service_sec( pipes_struct *p, SVCCTL_Q_SET_SERVICE_SEC *q_u, /* can't set the security de4scriptor on the ServiceControlManager */ if ( info->type == SVC_HANDLE_IS_SCM ) - return WERR_ACCESS_DENIED; + return WERR_ACCESS_DENIED; /* check the access on the open handle */ - + switch ( q_u->security_flags ) { case DACL_SECURITY_INFORMATION: required_access = STD_RIGHT_WRITE_DAC_ACCESS; break; - + case OWNER_SECURITY_INFORMATION: case GROUP_SECURITY_INFORMATION: required_access = STD_RIGHT_WRITE_OWNER_ACCESS; break; - + case SACL_SECURITY_INFORMATION: return WERR_INVALID_PARAM; default: return WERR_INVALID_PARAM; } - + if ( !(info->access_granted & required_access) ) return WERR_ACCESS_DENIED; - + /* read the security descfriptor */ - + if ( !sec_io_desc("", &sec_desc, &q_u->buffer.prs, 0 ) ) return WERR_NOMEM; - + /* store the new SD */ - if ( !svcctl_set_secdesc( p->mem_ctx, info->name, sec_desc, p->pipe_user.nt_user_token ) ) + if ( !svcctl_set_secdesc( p->mem_ctx, info->name, sec_desc, p->pipe_user.nt_user_token ) ) return WERR_ACCESS_DENIED; return WERR_OK; } -WERROR _svcctl_ControlService(pipes_struct *p, struct svcctl_ControlService *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - WERROR _svcctl_DeleteService(pipes_struct *p, struct svcctl_DeleteService *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_LockServiceDatabase(pipes_struct *p, struct svcctl_LockServiceDatabase *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p, struct svcctl_QueryServiceObjectSecurity *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p, struct svcctl_SetServiceObjectSecurity *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_QueryServiceStatus(pipes_struct *p, struct svcctl_QueryServiceStatus *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_SetServiceStatus(pipes_struct *p, struct svcctl_SetServiceStatus *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_UnlockServiceDatabase(pipes_struct *p, struct svcctl_UnlockServiceDatabase *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_NotifyBootConfigStatus(pipes_struct *p, struct svcctl_NotifyBootConfigStatus *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_SCSetServiceBitsW(pipes_struct *p, struct svcctl_SCSetServiceBitsW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_ChangeServiceConfigW(pipes_struct *p, struct svcctl_ChangeServiceConfigW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_CreateServiceW(pipes_struct *p, struct svcctl_CreateServiceW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_EnumDependentServicesW(pipes_struct *p, struct svcctl_EnumDependentServicesW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_EnumServicesStatusW(pipes_struct *p, struct svcctl_EnumServicesStatusW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_OpenSCManagerW(pipes_struct *p, struct svcctl_OpenSCManagerW *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_OpenServiceW(pipes_struct *p, struct svcctl_OpenServiceW *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceConfigW(pipes_struct *p, struct svcctl_QueryServiceConfigW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceLockStatusW(pipes_struct *p, struct svcctl_QueryServiceLockStatusW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_StartServiceW(pipes_struct *p, struct svcctl_StartServiceW *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _svcctl_GetServiceDisplayNameW(pipes_struct *p, struct svcctl_GetServiceDisplayNameW *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_GetServiceKeyNameW(pipes_struct *p, struct svcctl_GetServiceKeyNameW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_SCSetServiceBitsA(pipes_struct *p, struct svcctl_SCSetServiceBitsA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_ChangeServiceConfigA(pipes_struct *p, struct svcctl_ChangeServiceConfigA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_CreateServiceA(pipes_struct *p, struct svcctl_CreateServiceA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_EnumDependentServicesA(pipes_struct *p, struct svcctl_EnumDependentServicesA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_EnumServicesStatusA(pipes_struct *p, struct svcctl_EnumServicesStatusA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_OpenSCManagerA(pipes_struct *p, struct svcctl_OpenSCManagerA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_OpenServiceA(pipes_struct *p, struct svcctl_OpenServiceA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceConfigA(pipes_struct *p, struct svcctl_QueryServiceConfigA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceLockStatusA(pipes_struct *p, struct svcctl_QueryServiceLockStatusA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_StartServiceA(pipes_struct *p, struct svcctl_StartServiceA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_GetServiceDisplayNameA(pipes_struct *p, struct svcctl_GetServiceDisplayNameA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_GetServiceKeyNameA(pipes_struct *p, struct svcctl_GetServiceKeyNameA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_GetCurrentGroupeStateW(pipes_struct *p, struct svcctl_GetCurrentGroupeStateW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_EnumServiceGroupW(pipes_struct *p, struct svcctl_EnumServiceGroupW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_ChangeServiceConfig2A(pipes_struct *p, struct svcctl_ChangeServiceConfig2A *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_ChangeServiceConfig2W(pipes_struct *p, struct svcctl_ChangeServiceConfig2W *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceConfig2A(pipes_struct *p, struct svcctl_QueryServiceConfig2A *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceConfig2W(pipes_struct *p, struct svcctl_QueryServiceConfig2W *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_QueryServiceStatusEx(pipes_struct *p, struct svcctl_QueryServiceStatusEx *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _EnumServicesStatusExA(pipes_struct *p, struct EnumServicesStatusExA *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _EnumServicesStatusExW(pipes_struct *p, struct EnumServicesStatusExW *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } WERROR _svcctl_SCSendTSMessage(pipes_struct *p, struct svcctl_SCSendTSMessage *r) { p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; + return WERR_NOT_SUPPORTED; } diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index 5d18419c75..7ff93e0b07 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -36,7 +36,7 @@ static void free_regkey(void *ptr) } /****************************************************************** - Find a registry key handle and return a REGISTRY_KEY + Find a registry key handle and return a struct registry_key * *****************************************************************/ static struct registry_key *find_regkey_by_hnd(pipes_struct *p, |