diff options
Diffstat (limited to 'source3')
191 files changed, 10231 insertions, 10268 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 2300e4a20c..8bee54d075 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -127,6 +127,7 @@ LOGFILEBASE = @logfilebase@ CONFIGFILE = $(CONFIGDIR)/smb.conf LMHOSTSFILE = $(CONFIGDIR)/lmhosts CTDBDIR = @ctdbdir@ +NCALRPCDIR = @ncalrpcdir@ # This is where smbpasswd et al go PRIVATEDIR = @privatedir@ @@ -166,6 +167,7 @@ PATH_FLAGS = -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" \ -DLOGFILEBASE=\"$(LOGFILEBASE)\" \ -DSHLIBEXT=\"@SHLIBEXT@\" \ -DCTDBDIR=\"$(CTDBDIR)\" \ + -DNCALRPCDIR=\"$(NCALRPCDIR)\" \ -DCONFIGDIR=\"$(CONFIGDIR)\" \ -DCODEPAGEDIR=\"$(CODEPAGEDIR)\" \ -DCACHEDIR=\"$(CACHEDIR)\" \ @@ -315,12 +317,12 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) \ lib/async_sock.o \ $(TDB_LIB_OBJ) \ $(VERSION_OBJ) lib/charcnv.o lib/debug.o lib/fault.o \ - lib/interface.o lib/md4.o \ + lib/interface.o ../lib/crypto/md4.o \ lib/pidfile.o \ lib/signal.o lib/system.o lib/sendfile.o lib/recvfile.o lib/time.o \ lib/ufc.o lib/genrand.o lib/username.o \ lib/util_pw.o lib/access.o lib/smbrun.o \ - lib/bitmap.o lib/crc32.o lib/dprintf.o \ + lib/bitmap.o ../lib/crypto/crc32.o lib/dprintf.o \ lib/xfile.o lib/wins_srv.o $(UTIL_REG_OBJ) \ lib/util_str.o lib/clobber.o lib/util_sid.o lib/util_uuid.o \ lib/util_unistr.o lib/util_file.o lib/data_blob.o \ @@ -328,7 +330,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) \ lib/substitute.o lib/fsusage.o lib/dbwrap_util.o \ lib/ms_fnmatch.o lib/select.o lib/errmap_unix.o \ lib/tallocmsg.o lib/dmallocmsg.o libsmb/smb_signing.o \ - lib/md5.o lib/hmacmd5.o lib/arc4.o lib/iconv.o \ + ../lib/crypto/md5.o ../lib/crypto/hmacmd5.o lib/arc4.o lib/iconv.o \ lib/pam_errors.o intl/lang_tdb.o lib/conn_tdb.o \ lib/adt_tree.o lib/gencache.o \ lib/module.o lib/events.o lib/ldap_escape.o @CHARSET_STATIC@ \ @@ -376,7 +378,9 @@ LIBADS_SERVER_OBJ = libads/kerberos_verify.o libads/authdata.o \ SECRETS_OBJ = passdb/secrets.o passdb/machine_sid.o -LIBNBT_OBJ = libcli/nbt/nbtname.o \ +LIBNBT_OBJ = ../libcli/nbt/nbtname.o \ + ../libcli/netlogon.o \ + ../libcli/ndr_netlogon.o \ librpc/gen_ndr/ndr_nbt.o \ librpc/gen_ndr/ndr_svcctl.o @@ -619,6 +623,7 @@ VFS_FILEID_OBJ = modules/vfs_fileid.o VFS_AIO_FORK_OBJ = modules/vfs_aio_fork.o VFS_SYNCOPS_OBJ = modules/vfs_syncops.o VFS_ACL_XATTR_OBJ = modules/vfs_acl_xattr.o +VFS_SMB_TRAFFIC_ANALYZER_OBJ = modules/vfs_smb_traffic_analyzer.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o @@ -633,6 +638,7 @@ AUTH_SERVER_OBJ = auth/auth_server.o AUTH_UNIX_OBJ = auth/auth_unix.o AUTH_WINBIND_OBJ = auth/auth_winbind.o AUTH_SCRIPT_OBJ = auth/auth_script.o +AUTH_NETLOGOND_OBJ = auth/auth_netlogond.o AUTH_OBJ = auth/auth.o @AUTH_STATIC@ auth/auth_util.o auth/token_util.o \ auth/auth_compat.o auth/auth_ntlmssp.o \ @@ -736,6 +742,10 @@ TESTPARM_OBJ = utils/testparm.o \ $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \ $(LIBSAMBA_OBJ) +TEST_LP_LOAD_OBJ = param/test_lp_load.o \ + $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ + $(POPT_LIB_OBJ) $(LIBSAMBA_OBJ) + PASSWD_UTIL_OBJ = utils/passwd_util.o SMBPASSWD_OBJ = utils/smbpasswd.o $(PASSWD_UTIL_OBJ) $(PASSCHANGE_OBJ) \ @@ -946,13 +956,14 @@ SHARESEC_OBJ = $(SHARESEC_OBJ0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ $(LIBSAMBA_OBJ) \ $(POPT_LIB_OBJ) -TALLOCTORT_OBJ = @tallocdir@/testsuite.o $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ - $(LIBSAMBA_OBJ) +TALLOCTORT_OBJ = @tallocdir@/testsuite.o @tallocdir@/testsuite_main.o \ + $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(LIBSAMBA_OBJ) REPLACETORT_OBJ = @libreplacedir@/test/testsuite.o \ @libreplacedir@/test/getifaddrs.o \ @libreplacedir@/test/os2_delete.o \ @libreplacedir@/test/strptime.o \ + @libreplacedir@/test/main.o \ $(LIBREPLACE_OBJ) NDRDUMP_OBJ = librpc/tools/ndrdump.o \ @@ -984,6 +995,14 @@ IDMAP_HASH_OBJ = \ winbindd/idmap_hash/idmap_hash.o \ winbindd/idmap_hash/mapfile.o +IDMAP_ADEX_OBJ = \ + winbindd/idmap_adex/idmap_adex.o \ + winbindd/idmap_adex/cell_util.o \ + winbindd/idmap_adex/likewise_cell.o \ + winbindd/idmap_adex/provider_unified.o \ + winbindd/idmap_adex/gc_util.o \ + winbindd/idmap_adex/domain_util.o + WINBINDD_OBJ1 = \ winbindd/winbindd.o \ winbindd/winbindd_user.o \ @@ -1059,7 +1078,7 @@ LDBDEL_OBJ = $(LDB_CMDLINE_OBJ) lib/ldb/tools/ldbdel.o LDBMODIFY_OBJ = $(LDB_CMDLINE_OBJ) lib/ldb/tools/ldbmodify.o WINBIND_KRB5_LOCATOR_OBJ1 = nsswitch/winbind_krb5_locator.o -WINBIND_KRB5_LOCATOR_OBJ = $(WINBIND_KRB5_LOCATOR_OBJ1) $(WBCOMMON_OBJ) $(LIBREPLACE_OBJ) +WINBIND_KRB5_LOCATOR_OBJ = $(WINBIND_KRB5_LOCATOR_OBJ1) $(LIBREPLACE_OBJ) POPT_OBJ=../lib/popt/findme.o ../lib/popt/popt.o ../lib/popt/poptconfig.o \ ../lib/popt/popthelp.o ../lib/popt/poptparse.o @@ -1127,6 +1146,8 @@ pam_smbpass: SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@ pam_winbind: SHOWFLAGS bin/pam_winbind.@SHLIBEXT@ +gpext_modules:: $(GPEXT_MODULES) + torture:: SHOWFLAGS $(TORTURE_PROGS) smbtorture : SHOWFLAGS bin/smbtorture@EXEEXT@ @@ -1697,6 +1718,7 @@ LIBWBCLIENT_OBJ0 = nsswitch/libwbclient/wbclient.o \ nsswitch/libwbclient/wbc_pwd.o \ nsswitch/libwbclient/wbc_idmap.o \ nsswitch/libwbclient/wbc_sid.o \ + nsswitch/libwbclient/wbc_guid.o \ nsswitch/libwbclient/wbc_pam.o LIBWBCLIENT_OBJ = $(LIBWBCLIENT_OBJ0) \ $(WBCOMMON_OBJ) \ @@ -2155,15 +2177,15 @@ bin/vlp@EXEEXT@: $(BINARY_PREREQS) $(VLP_OBJ) @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ $(LDAP_LIBS) $(KRB5LIBS) $(LIBS) $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) \ @SONAMEFLAG@`basename $@`@NSSSONAMEVERSIONSUFFIX@ -bin/winbind_krb5_locator.@SHLIBEXT@: $(BINARY_PREREQS) $(WINBIND_KRB5_LOCATOR_OBJ) +bin/winbind_krb5_locator.@SHLIBEXT@: $(BINARY_PREREQS) $(WINBIND_KRB5_LOCATOR_OBJ) @LIBWBCLIENT_SHARED@ @echo "Linking $@" - @$(SHLD) $(LDSHFLAGS) -o $@ $(WINBIND_KRB5_LOCATOR_OBJ) \ + @$(SHLD) $(LDSHFLAGS) -o $@ $(WINBIND_KRB5_LOCATOR_OBJ) $(WINBIND_LIBS) \ @SONAMEFLAG@`basename $@` -bin/pam_winbind.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_WINBIND_OBJ) +bin/pam_winbind.@SHLIBEXT@: $(BINARY_PREREQS) $(PAM_WINBIND_OBJ) @LIBTALLOC_SHARED@ @LIBWBCLIENT_SHARED@ @echo "Linking shared library $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_WINBIND_OBJ) -lpam @INIPARSERLIBS@ \ - $(PAM_WINBIND_EXTRA_LIBS) @SONAMEFLAG@`basename $@` + $(PAM_WINBIND_EXTRA_LIBS) $(LIBTALLOC_LIBS) $(WINBIND_LIBS) @SONAMEFLAG@`basename $@` bin/builtin.@SHLIBEXT@: $(BINARY_PREREQS) $(AUTH_BUILTIN_OBJ) @echo "Building plugin $@" @@ -2177,6 +2199,10 @@ bin/script.@SHLIBEXT@: $(BINARY_PREREQS) $(AUTH_SCRIPT_OBJ) @echo "Building plugin $@" @$(SHLD_MODULE) $(AUTH_SCRIPT_OBJ) +bin/netlogond.@SHLIBEXT@: $(BINARY_PREREQS) $(AUTH_NETLOGOND_OBJ) + @echo "Building plugin $@" + @$(SHLD_MODULE) $(AUTH_NETLOGOND_OBJ) + bin/smbserver.@SHLIBEXT@: $(BINARY_PREREQS) $(AUTH_SERVER_OBJ) @echo "Building plugin $@" @$(SHLD_MODULE) $(AUTH_SERVER_OBJ) @@ -2217,6 +2243,10 @@ bin/hash.@SHLIBEXT@: $(BINARY_PREREQS) $(IDMAP_HASH_OBJ) @echo "Building plugin $@" @$(SHLD_MODULE) $(IDMAP_HASH_OBJ) +bin/adex.@SHLIBEXT@: $(BINARY_PREREQS) $(IDMAP_ADEX_OBJ) + @echo "Building plugin $@" + @$(SHLD_MODULE) $(IDMAP_ADEX_OBJ) + bin/tdb2.@SHLIBEXT@: $(BINARY_PREREQS) winbindd/idmap_tdb2.o @echo "Building plugin $@" @$(SHLD_MODULE) winbindd/idmap_tdb2.o @@ -2388,6 +2418,10 @@ bin/acl_xattr.@SHLIBEXT@: $(BINARY_PREREQS) $(VFS_ACL_XATTR_OBJ) @echo "Building plugin $@" @$(SHLD_MODULE) $(VFS_ACL_XATTR_OBJ) +bin/smb_traffic_analyzer.@SHLIBEXT@: $(BINARY_PREREQS) $(VFS_SMB_TRAFFIC_ANALYZER_OBJ) + @echo "Building plugin $@" + @$(SHLD_MODULE) $(VFS_SMB_TRAFFIC_ANALYZER_OBJ) + bin/registry.@SHLIBEXT@: $(BINARY_PREREQS) libgpo/gpext/registry.o @echo "Building plugin $@" @$(SHLD_MODULE) libgpo/gpext/registry.o @@ -2396,6 +2430,10 @@ bin/scripts.@SHLIBEXT@: $(BINARY_PREREQS) libgpo/gpext/scripts.o @echo "Building plugin $@" @$(SHLD_MODULE) libgpo/gpext/scripts.o +bin/security.@SHLIBEXT@: $(BINARY_PREREQS) libgpo/gpext/security.o + @echo "Building plugin $@" + @$(SHLD_MODULE) libgpo/gpext/security.o + ######################################################### ## IdMap NSS plugins @@ -2468,6 +2506,13 @@ bin/rpc_open_tcp@EXEEXT@: $(BINARY_PREREQS) $(RPC_OPEN_TCP_OBJ) @LIBTALLOC_SHARE $(LIBS) $(LIBTALLOC_LIBS) @LIBTDB_SHARED@ $(WINBIND_LIBS) \ $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) +bin/test_lp_load@EXEEXT@: $(BINARY_PREREQS) $(TEST_LP_LOAD_OBJ) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ + @echo "Linking $@" + @$(CC) $(FLAGS) -o $@ $(TEST_LP_LOAD_OBJ) \ + $(LDFLAGS) $(DYNEEXP) $(LIBS) \ + $(LDAP_LIBS) \ + $(POPT_LIBS) $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) + install:: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSUPCALL@ installman \ installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ \ @INSTALL_PAM_MODULES@ installlibs @@ -2518,6 +2563,8 @@ installmodules:: modules installdirs @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) domain.@SHLIBEXT@ trustdomain.@SHLIBEXT@ ntdomain.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) builtin.@SHLIBEXT@ guest.@SHLIBEXT@ fixed_challenge.@SHLIBEXT@ name_to_ntstatus.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(NSSINFOLIBDIR) ../idmap/ad.@SHLIBEXT@ rfc2307.@SHLIBEXT@ sfu.@SHLIBEXT@ sfu20.@SHLIBEXT@ + @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(NSSINFOLIBDIR) ../idmap/adex.@SHLIBEXT@ adex.@SHLIBEXT@ + @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(NSSINFOLIBDIR) ../idmap/hash.@SHLIBEXT@ hash.@SHLIBEXT@ installscripts:: installdirs @$(SHELL) $(srcdir)/script/installscripts.sh $(INSTALLPERMS_BIN) $(DESTDIR)$(BINDIR) $(SCRIPTS) @@ -2613,6 +2660,10 @@ uninstallpammodules:: # Toplevel clean files TOPFILES=dynconfig.o +cleanlibs:: + -rm -f ../lib/*/*.o ../lib/*/*/*.o \ + ../libcli/*.o ../libcli/*/*.o + clean:: cleanlibs -rm -f include/build_env.h -rm -f smbd/build_options.c @@ -2636,10 +2687,10 @@ include/build_env.h: script/build_env.sh proto:: etags:: - etags `find $(srcdir) -name "*.[ch]"` + etags `find $(srcdir)/.. -name "*.[ch]"` ctags:: - ctags `find $(srcdir) -name "*.[ch]"` + ctags `find $(srcdir)/.. -name "*.[ch]"` realclean:: clean -rm -f config.log bin/.dummy script/findsmb script/gen-8bit-gap.sh @@ -2723,6 +2774,10 @@ valgrindtest:: all torture timelimit VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \ PERL="$(PERL)" $(srcdir)/script/tests/selftest.sh ${selftest_prefix} all "${smbtorture4_path}" +# Check for Winbind struct 32/64bit padding +test_wbpad: + @echo "Testing winbind request/response structure for 32/64bit padding" + @./script/tests/wb_pad.sh || exit 1; ## ## Examples: diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index c25e62ab80..f11dbe60ee 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -26,6 +26,71 @@ extern bool global_machine_password_needs_changing; static struct named_mutex *mutex; +/* + * Change machine password (called from main loop + * idle timeout. Must be done as root. + */ + +void attempt_machine_password_change(void) +{ + unsigned char trust_passwd_hash[16]; + time_t lct; + void *lock; + + if (!global_machine_password_needs_changing) { + return; + } + + if (lp_security() != SEC_DOMAIN) { + return; + } + + /* + * We're in domain level security, and the code that + * read the machine password flagged that the machine + * password needs changing. + */ + + /* + * First, open the machine password file with an exclusive lock. + */ + + lock = secrets_get_trust_account_lock(NULL, lp_workgroup()); + + if (lock == NULL) { + DEBUG(0,("attempt_machine_password_change: unable to lock " + "the machine account password for machine %s in " + "domain %s.\n", + global_myname(), lp_workgroup() )); + return; + } + + if(!secrets_fetch_trust_account_password(lp_workgroup(), + trust_passwd_hash, &lct, NULL)) { + DEBUG(0,("attempt_machine_password_change: unable to read the " + "machine account password for %s in domain %s.\n", + global_myname(), lp_workgroup())); + TALLOC_FREE(lock); + return; + } + + /* + * Make sure someone else hasn't already done this. + */ + + if(time(NULL) < lct + lp_machine_password_timeout()) { + global_machine_password_needs_changing = false; + TALLOC_FREE(lock); + return; + } + + /* always just contact the PDC here */ + + change_trust_account_password( lp_workgroup(), NULL); + global_machine_password_needs_changing = false; + TALLOC_FREE(lock); +} + /** * Connect to a remote server for (inter)domain security authenticaion. * diff --git a/source3/auth/auth_netlogond.c b/source3/auth/auth_netlogond.c new file mode 100644 index 0000000000..a57f3b74a3 --- /dev/null +++ b/source3/auth/auth_netlogond.c @@ -0,0 +1,321 @@ +/* + Unix SMB/CIFS implementation. + Authenticate against a netlogon pipe listening on a unix domain socket + Copyright (C) Volker Lendecke 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_AUTH + +static NTSTATUS netlogond_validate(TALLOC_CTX *mem_ctx, + const struct auth_context *auth_context, + const char *ncalrpc_sockname, + uint8_t schannel_key[16], + const auth_usersupplied_info *user_info, + struct netr_SamInfo3 **pinfo3, + NTSTATUS *schannel_bind_result) +{ + struct rpc_pipe_client *p; + struct cli_pipe_auth_data *auth; + struct netr_SamInfo3 *info3 = NULL; + NTSTATUS status; + + *schannel_bind_result = NT_STATUS_OK; + + status = rpc_pipe_open_ncalrpc(talloc_tos(), ncalrpc_sockname, + &ndr_table_netlogon.syntax_id, &p); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpc_pipe_open_ncalrpc failed: %s\n", + nt_errstr(status))); + return status; + } + + status = rpccli_schannel_bind_data(p, lp_workgroup(), + PIPE_AUTH_LEVEL_PRIVACY, + schannel_key, &auth); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpccli_schannel_bind_data failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(p); + return status; + } + + status = rpc_pipe_bind(p, auth); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpc_pipe_bind failed: %s\n", nt_errstr(status))); + TALLOC_FREE(p); + *schannel_bind_result = status; + return status; + } + + /* + * We have to fake a struct dcinfo, so that + * rpccli_netlogon_sam_network_logon_ex can decrypt the session keys. + */ + + p->dc = talloc(p, struct dcinfo); + if (p->dc == NULL) { + DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(p); + return NT_STATUS_NO_MEMORY; + } + + memcpy(p->dc->sess_key, schannel_key, 16); + + status = rpccli_netlogon_sam_network_logon_ex( + p, p, + user_info->logon_parameters,/* flags such as 'allow + * workstation logon' */ + global_myname(), /* server name */ + user_info->smb_name, /* user name logging on. */ + user_info->client_domain, /* domain name */ + user_info->wksta_name, /* workstation name */ + (uchar *)auth_context->challenge.data, /* 8 byte challenge. */ + user_info->lm_resp, /* lanman 24 byte response */ + user_info->nt_resp, /* nt 24 byte response */ + &info3); /* info3 out */ + + DEBUG(10, ("rpccli_netlogon_sam_network_logon_ex returned %s\n", + nt_errstr(status))); + + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(p); + return status; + } + + *pinfo3 = talloc_move(mem_ctx, &info3); + + TALLOC_FREE(p); + return NT_STATUS_OK; +} + +static char *mymachinepw(TALLOC_CTX *mem_ctx) +{ + fstring pwd; + const char *script; + char *to_free = NULL; + ssize_t nread; + int ret, fd; + + script = lp_parm_const_string( + GLOBAL_SECTION_SNUM, "auth_netlogond", "machinepwscript", + NULL); + + if (script == NULL) { + to_free = talloc_asprintf(talloc_tos(), "%s/%s", + get_dyn_SBINDIR(), "mymachinepw"); + script = to_free; + } + if (script == NULL) { + return NULL; + } + + ret = smbrun(script, &fd); + DEBUG(ret ? 0 : 3, ("mymachinepw: Running the command `%s' gave %d\n", + script, ret)); + TALLOC_FREE(to_free); + + if (ret != 0) { + return NULL; + } + + pwd[sizeof(pwd)-1] = '\0'; + + nread = read(fd, pwd, sizeof(pwd)-1); + close(fd); + + if (nread <= 0) { + DEBUG(3, ("mymachinepwd: Could not read password\n")); + return NULL; + } + + DEBUG(0, ("pwd: %d [%s]\n", (int)nread, pwd)); + + if (pwd[nread-1] == '\n') { + pwd[nread-1] = '\0'; + } + + return talloc_strdup(mem_ctx, pwd); +} + +static NTSTATUS check_netlogond_security(const struct auth_context *auth_context, + void *my_private_data, + TALLOC_CTX *mem_ctx, + const auth_usersupplied_info *user_info, + auth_serversupplied_info **server_info) +{ + TALLOC_CTX *frame = talloc_stackframe(); + struct netr_SamInfo3 *info3 = NULL; + struct rpc_pipe_client *p; + struct cli_pipe_auth_data *auth; + uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; + char *plaintext_machinepw; + uint8_t machine_password[16]; + uint8_t schannel_key[16]; + NTSTATUS schannel_bind_result, status; + struct named_mutex *mutex; + const char *ncalrpcsock; + + ncalrpcsock = lp_parm_const_string( + GLOBAL_SECTION_SNUM, "auth_netlogond", "socket", NULL); + + if (ncalrpcsock == NULL) { + ncalrpcsock = talloc_asprintf(talloc_tos(), "%s/%s", + get_dyn_NCALRPCDIR(), "DEFAULT"); + } + + if (ncalrpcsock == NULL) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + if (!secrets_fetch_local_schannel_key(schannel_key)) { + goto new_key; + } + + status = netlogond_validate(talloc_tos(), auth_context, ncalrpcsock, + schannel_key, user_info, &info3, + &schannel_bind_result); + + DEBUG(10, ("netlogond_validate returned %s\n", nt_errstr(status))); + + if (NT_STATUS_IS_OK(status)) { + goto okay; + } + + if (NT_STATUS_IS_OK(schannel_bind_result)) { + /* + * This is a real failure from the DC + */ + goto done; + } + + new_key: + + mutex = grab_named_mutex(talloc_tos(), "LOCAL_SCHANNEL_KEY", 60); + if (mutex == NULL) { + DEBUG(10, ("Could not get mutex LOCAL_SCHANNEL_KEY\n")); + status = NT_STATUS_ACCESS_DENIED; + goto done; + } + + DEBUG(10, ("schannel bind failed, setting up new key\n")); + + status = rpc_pipe_open_ncalrpc(talloc_tos(), ncalrpcsock, + &ndr_table_netlogon.syntax_id, &p); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpc_pipe_open_ncalrpc failed: %s\n", + nt_errstr(status))); + goto done; + } + + status = rpccli_anon_bind_data(p, &auth); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpccli_anon_bind_data failed: %s\n", + nt_errstr(status))); + goto done; + } + + status = rpc_pipe_bind(p, auth); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpc_pipe_bind failed: %s\n", nt_errstr(status))); + goto done; + } + + TALLOC_FREE(auth); + + plaintext_machinepw = mymachinepw(talloc_tos()); + if (plaintext_machinepw == NULL) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + E_md4hash(plaintext_machinepw, machine_password); + + TALLOC_FREE(plaintext_machinepw); + + status = rpccli_netlogon_setup_creds( + p, global_myname(), lp_workgroup(), global_myname(), + global_myname(), machine_password, SEC_CHAN_BDC, &neg_flags); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpccli_netlogon_setup_creds failed: %s\n", + nt_errstr(status))); + goto done; + } + + memcpy(schannel_key, p->dc->sess_key, 16); + secrets_store_local_schannel_key(schannel_key); + + TALLOC_FREE(p); + + /* + * Retry the authentication with the mutex held. This way nobody else + * can step on our toes. + */ + + status = netlogond_validate(talloc_tos(), auth_context, ncalrpcsock, + schannel_key, user_info, &info3, + &schannel_bind_result); + + DEBUG(10, ("netlogond_validate returned %s\n", nt_errstr(status))); + + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + okay: + + status = make_server_info_info3(mem_ctx, user_info->smb_name, + user_info->domain, server_info, + info3); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("make_server_info_info3 failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(frame); + return status; + } + + status = NT_STATUS_OK; + + done: + TALLOC_FREE(frame); + return status; +} + +/* module initialisation */ +static NTSTATUS auth_init_netlogond(struct auth_context *auth_context, + const char *param, + auth_methods **auth_method) +{ + if (!make_auth_methods(auth_context, auth_method)) { + return NT_STATUS_NO_MEMORY; + } + + (*auth_method)->name = "netlogond"; + (*auth_method)->auth = check_netlogond_security; + return NT_STATUS_OK; +} + +NTSTATUS auth_netlogond_init(void) +{ + smb_register_auth(AUTH_INTERFACE_VERSION, "netlogond", + auth_init_netlogond); + return NT_STATUS_OK; +} diff --git a/source3/autogen.sh b/source3/autogen.sh index deed774b39..61316a8f70 100755 --- a/source3/autogen.sh +++ b/source3/autogen.sh @@ -2,6 +2,18 @@ # Run this script to build samba from GIT. +while true; do + case $1 in + (--version-file) + VERSION_FILE=$2 + shift 2 + ;; + (*) + break + ;; + esac +done + ## insert all possible names (only works with ## autoconf 2.x) TESTAUTOHEADER="autoheader autoheader-2.53 autoheader2.50 autoheader259 autoheader253" @@ -48,7 +60,7 @@ if test "$AUTOCONFFOUND" = "0" -o "$AUTOHEADERFOUND" = "0"; then fi echo "$0: running script/mkversion.sh" -./script/mkversion.sh || exit 1 +./script/mkversion.sh $VERSION_FILE || exit 1 rm -rf autom4te*.cache rm -f configure include/config.h* diff --git a/source3/client/client.c b/source3/client/client.c index 7af7d30108..eb9f31bdf2 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4345,6 +4345,8 @@ cleanup: } } +static bool finished; + /**************************************************************************** Make sure we swallow keepalives during idle time. ****************************************************************************/ @@ -4391,6 +4393,8 @@ static void readline_callback(void) DEBUG(0, ("Read from server failed, maybe it closed " "the connection\n")); + finished = true; + smb_readline_done(); if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) { set_smb_read_error(&cli->smb_rw_error, SMB_READ_EOF); @@ -4417,9 +4421,17 @@ static void readline_callback(void) /* Ping the server to keep the connection alive using SMBecho. */ { + NTSTATUS status; unsigned char garbage[16]; memset(garbage, 0xf0, sizeof(garbage)); - cli_echo(cli, 1, data_blob_const(garbage, sizeof(garbage))); + status = cli_echo(cli, 1, data_blob_const(garbage, sizeof(garbage))); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("SMBecho failed. Maybe server has closed " + "the connection\n")); + finished = true; + smb_readline_done(); + } } } @@ -4431,7 +4443,7 @@ static int process_stdin(void) { int rc = 0; - while (1) { + while (!finished) { TALLOC_CTX *frame = talloc_stackframe(); char *tok = NULL; char *the_prompt = NULL; diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c index 3b56e5f861..fd8014cf9f 100644 --- a/source3/client/mount.cifs.c +++ b/source3/client/mount.cifs.c @@ -56,6 +56,10 @@ #endif /* _SAMBA_BUILD_ */ #endif /* MOUNT_CIFS_VENDOR_SUFFIX */ +#ifdef _SAMBA_BUILD_ +#include "include/config.h" +#endif + #ifndef MS_MOVE #define MS_MOVE 8192 #endif @@ -75,6 +79,15 @@ #define MOUNT_PASSWD_SIZE 64 #define DOMAIN_SIZE 64 +/* exit status - bits below are ORed */ +#define EX_USAGE 1 /* incorrect invocation or permission */ +#define EX_SYSERR 2 /* out of memory, cannot fork, ... */ +#define EX_SOFTWARE 4 /* internal mount bug or wrong version */ +#define EX_USER 8 /* user interrupt */ +#define EX_FILEIO 16 /* problems writing, locking, ... mtab/fstab */ +#define EX_FAIL 32 /* mount failure */ +#define EX_SOMEOK 64 /* some mount succeeded */ + const char *thisprogram; int verboseflag = 0; static int got_password = 0; @@ -94,6 +107,8 @@ char * prefixpath = NULL; /* like strncpy but does not 0 fill the buffer and always null * terminates. bufsize is the size of the destination buffer */ + +#ifndef HAVE_STRLCPY static size_t strlcpy(char *d, const char *s, size_t bufsize) { size_t len = strlen(s); @@ -104,10 +119,13 @@ static size_t strlcpy(char *d, const char *s, size_t bufsize) d[len] = 0; return ret; } +#endif /* like strncat but does not 0 fill the buffer and always null * terminates. bufsize is the length of the buffer, which should * be one more than the maximum resulting string length */ + +#ifndef HAVE_STRLCAT static size_t strlcat(char *d, const char *s, size_t bufsize) { size_t len1 = strlen(d); @@ -126,6 +144,7 @@ static size_t strlcat(char *d, const char *s, size_t bufsize) } return ret; } +#endif /* BB finish BB @@ -164,7 +183,7 @@ static void mount_cifs_usage(void) printf("\n\t%s -V\n",thisprogram); SAFE_FREE(mountpassword); - exit(1); + exit(EX_USAGE); } /* caller frees username if necessary */ @@ -223,7 +242,7 @@ static int open_cred_file(char * file_name) if(length > 4086) { printf("mount.cifs failed due to malformed username in credentials file"); memset(line_buf,0,4096); - exit(1); + exit(EX_USAGE); } else { got_user = 1; user_name = (char *)calloc(1 + length,1); @@ -247,7 +266,7 @@ static int open_cred_file(char * file_name) if(length > MOUNT_PASSWD_SIZE) { printf("mount.cifs failed: password in credentials file too long\n"); memset(line_buf,0, 4096); - exit(1); + exit(EX_USAGE); } else { if(mountpassword == NULL) { mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1); @@ -275,7 +294,7 @@ static int open_cred_file(char * file_name) } if(length > DOMAIN_SIZE) { printf("mount.cifs failed: domain in credentials file too long\n"); - exit(1); + exit(EX_USAGE); } else { if(domain_name == NULL) { domain_name = (char *)calloc(DOMAIN_SIZE+1,1); @@ -308,7 +327,7 @@ static int get_password_from_file(int file_descript, char * filename) if (mountpassword == NULL) { printf("malloc failed\n"); - exit(1); + exit(EX_SYSERR); } if(filename != NULL) { @@ -316,7 +335,7 @@ static int get_password_from_file(int file_descript, char * filename) if(file_descript < 0) { printf("mount.cifs failed. %s attempting to open password file %s\n", strerror(errno),filename); - exit(1); + exit(EX_SYSERR); } } /* else file already open and fd provided */ @@ -327,7 +346,7 @@ static int get_password_from_file(int file_descript, char * filename) printf("mount.cifs failed. Error %s reading password file\n",strerror(errno)); if(filename != NULL) close(file_descript); - exit(1); + exit(EX_SYSERR); } else if(rc == 0) { if(mountpassword[0] == 0) { if(verboseflag) @@ -553,7 +572,7 @@ static int parse_options(char ** optionsp, int * filesys_flags) if (!(pw = getpwnam(value))) { printf("bad user name \"%s\"\n", value); - exit(1); + exit(EX_USAGE); } snprintf(user, sizeof(user), "%u", pw->pw_uid); } else { @@ -569,7 +588,7 @@ static int parse_options(char ** optionsp, int * filesys_flags) if (!(gr = getgrnam(value))) { printf("bad group name \"%s\"\n", value); - exit(1); + exit(EX_USAGE); } snprintf(group, sizeof(group), "%u", gr->gr_gid); } else { @@ -664,7 +683,7 @@ static int parse_options(char ** optionsp, int * filesys_flags) out = (char *)realloc(out, out_len + word_len + 2); if (out == NULL) { perror("malloc"); - exit(1); + exit(EX_SYSERR); } if (out_len) { @@ -689,7 +708,7 @@ nocopy: out = (char *)realloc(out, out_len + word_len + 6); if (out == NULL) { perror("malloc"); - exit(1); + exit(EX_SYSERR); } if (out_len) { @@ -705,7 +724,7 @@ nocopy: out = (char *)realloc(out, out_len + 1 + word_len + 6); if (out == NULL) { perror("malloc"); - exit(1); + exit(EX_SYSERR); } if (out_len) { @@ -986,12 +1005,12 @@ static struct option longopts[] = { }; /* convert a string to uppercase. return false if the string - * wasn't ASCII or was a NULL ptr */ + * wasn't ASCII. Return success on a NULL ptr */ static int uppercase_string(char *string) { if (!string) - return 0; + return 1; while (*string) { /* check for unicode */ @@ -1040,7 +1059,7 @@ int main(int argc, char ** argv) thisprogram = argv[0]; } else { mount_cifs_usage(); - exit(1); + exit(EX_USAGE); } if(thisprogram == NULL) @@ -1057,12 +1076,12 @@ int main(int argc, char ** argv) share_name = strndup(argv[1], MAX_UNC_LEN); if (share_name == NULL) { fprintf(stderr, "%s: %s", argv[0], strerror(ENOMEM)); - exit(1); + exit(EX_SYSERR); } mountpoint = argv[2]; } else { mount_cifs_usage(); - exit(1); + exit(EX_USAGE); } /* add sharename in opts string as unc= parm */ @@ -1084,7 +1103,7 @@ int main(int argc, char ** argv) case '?': case 'h': /* help */ mount_cifs_usage (); - exit(1); + exit(EX_USAGE); case 'n': ++nomtab; break; @@ -1138,14 +1157,14 @@ int main(int argc, char ** argv) uid = strtoul(optarg, &ep, 10); if (*ep) { printf("bad uid value \"%s\"\n", optarg); - exit(1); + exit(EX_USAGE); } } else { struct passwd *pw; if (!(pw = getpwnam(optarg))) { printf("bad user name \"%s\"\n", optarg); - exit(1); + exit(EX_USAGE); } uid = pw->pw_uid; endpwent(); @@ -1158,14 +1177,14 @@ int main(int argc, char ** argv) gid = strtoul(optarg, &ep, 10); if (*ep) { printf("bad gid value \"%s\"\n", optarg); - exit(1); + exit(EX_USAGE); } } else { struct group *gr; if (!(gr = getgrnam(optarg))) { printf("bad user name \"%s\"\n", optarg); - exit(1); + exit(EX_USAGE); } gid = gr->gr_gid; endpwent(); @@ -1195,13 +1214,13 @@ int main(int argc, char ** argv) default: printf("unknown mount option %c\n",c); mount_cifs_usage(); - exit(1); + exit(EX_USAGE); } } if((argc < 3) || (dev_name == NULL) || (mountpoint == NULL)) { mount_cifs_usage(); - exit(1); + exit(EX_USAGE); } if (getenv("PASSWD")) { @@ -1218,13 +1237,13 @@ int main(int argc, char ** argv) } if (orgoptions && parse_options(&orgoptions, &flags)) { - rc = -1; + rc = EX_USAGE; goto mount_exit; } ipaddr = parse_server(&share_name); if((ipaddr == NULL) && (got_ip == 0)) { printf("No ip address specified and hostname not found\n"); - rc = -1; + rc = EX_USAGE; goto mount_exit; } @@ -1239,19 +1258,19 @@ int main(int argc, char ** argv) } if(chdir(mountpoint)) { printf("mount error: can not change directory into mount target %s\n",mountpoint); - rc = -1; + rc = EX_USAGE; goto mount_exit; } if(stat (".", &statbuf)) { printf("mount error: mount point %s does not exist\n",mountpoint); - rc = -1; + rc = EX_USAGE; goto mount_exit; } if (S_ISDIR(statbuf.st_mode) == 0) { printf("mount error: mount point %s is not a directory\n",mountpoint); - rc = -1; + rc = EX_USAGE; goto mount_exit; } @@ -1264,7 +1283,7 @@ int main(int argc, char ** argv) #endif } else { printf("mount error: permission denied or not superuser and mount.cifs not installed SUID\n"); - return -1; + exit(EX_USAGE); } } @@ -1279,7 +1298,7 @@ int main(int argc, char ** argv) mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1); if (!tmp_pass || !mountpassword) { printf("Password not entered, exiting\n"); - return -1; + exit(EX_USAGE); } strlcpy(mountpassword, tmp_pass, MOUNT_PASSWD_SIZE+1); got_password = 1; @@ -1297,7 +1316,7 @@ mount_retry: else { printf("No server share name specified\n"); printf("\nMounting the DFS root for server not implemented yet\n"); - exit(1); + exit(EX_USAGE); } if(user_name) optlen += strlen(user_name) + 6; @@ -1311,7 +1330,7 @@ mount_retry: if(options == NULL) { printf("Could not allocate memory for mount options\n"); - return -1; + exit(EX_SYSERR); } options[0] = 0; @@ -1390,8 +1409,7 @@ mount_retry: printf("mount error %d = %s\n",errno,strerror(errno)); } printf("Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)\n"); - rc = -1; - goto mount_exit; + rc = EX_FAIL; } else { pmntfile = setmntent(MOUNTED, "a+"); if(pmntfile) { @@ -1429,11 +1447,13 @@ mount_retry: rc = addmntent(pmntfile,&mountent); endmntent(pmntfile); SAFE_FREE(mountent.mnt_opts); + if (rc) + rc = EX_FILEIO; } else { - printf("could not update mount table\n"); + printf("could not update mount table\n"); + rc = EX_FILEIO; } } - rc = 0; mount_exit: if(mountpassword) { int len = strlen(mountpassword); @@ -1445,5 +1465,5 @@ mount_exit: SAFE_FREE(orgoptions); SAFE_FREE(resolved_path); SAFE_FREE(share_name); - return rc; + exit(rc); } diff --git a/source3/configure.in b/source3/configure.in index 640afc47fb..1eba4a0a58 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -128,7 +128,7 @@ fi if test "x$debug" = "xyes" ; then CFLAGS="${CFLAGS} -g" else - CFLAGS="-O" + CFLAGS="${CFLAGS} -O" fi m4_include(../lib/socket_wrapper/config.m4) @@ -404,10 +404,10 @@ AC_SUBST(DYNEXP) dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsarpc rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs2 rpc_netlogon rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog2 auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default nss_info_template" +default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsarpc rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs2 rpc_netlogon rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog2 auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin auth_netlogond vfs_default nss_info_template" dnl These are preferably build shared, and static if dlopen() is not available -default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_xattr_tdb vfs_streams_xattr vfs_acl_xattr" +default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_xattr_tdb vfs_streams_xattr vfs_acl_xattr vfs_smb_traffic_analyzer" if test "x$developer" = xyes; then default_static_modules="$default_static_modules rpc_rpcecho" @@ -6058,6 +6058,7 @@ SMB_MODULE(idmap_nss, winbindd/idmap_nss.o, "bin/nss.$SHLIBEXT", IDMAP) SMB_MODULE(idmap_rid, winbindd/idmap_rid.o, "bin/rid.$SHLIBEXT", IDMAP) SMB_MODULE(idmap_ad, winbindd/idmap_ad.o, "bin/ad.$SHLIBEXT", IDMAP) SMB_MODULE(idmap_hash, \$(IDMAP_HASH_OBJ), "bin/hash.$SHLIBEXT", IDMAP) +SMB_MODULE(idmap_adex, \$(IDMAP_ADEX_OBJ), "bin/adex.$SHLIBEXT", IDMAP) SMB_SUBSYSTEM(IDMAP, winbindd/idmap.o) SMB_MODULE(nss_info_template, winbindd/nss_info_template.o, "bin/template.$SHLIBEXT", NSS_INFO) @@ -6076,6 +6077,7 @@ SMB_MODULE(auth_server, \$(AUTH_SERVER_OBJ), "bin/smbserver.$SHLIBEXT", AUTH) SMB_MODULE(auth_domain, \$(AUTH_DOMAIN_OBJ), "bin/domain.$SHLIBEXT", AUTH) SMB_MODULE(auth_builtin, \$(AUTH_BUILTIN_OBJ), "bin/builtin.$SHLIBEXT", AUTH) SMB_MODULE(auth_script, \$(AUTH_SCRIPT_OBJ), "bin/script.$SHLIBEXT", AUTH) +SMB_MODULE(auth_netlogond, \$(AUTH_NETLOGOND_OBJ), "bin/netlogond.$SHLIBEXT", AUTH) SMB_SUBSYSTEM(AUTH,auth/auth.o) SMB_MODULE(vfs_default, \$(VFS_DEFAULT_OBJ), "bin/default.$SHLIBEXT", VFS) @@ -6115,12 +6117,13 @@ SMB_MODULE(vfs_syncops, \$(VFS_SYNCOPS_OBJ), "bin/syncops.$SHLIBEXT", VFS) SMB_MODULE(vfs_zfsacl, \$(VFS_ZFSACL_OBJ), "bin/zfsacl.$SHLIBEXT", VFS) SMB_MODULE(vfs_notify_fam, \$(VFS_NOTIFY_FAM_OBJ), "bin/notify_fam.$SHLIBEXT", VFS) SMB_MODULE(vfs_acl_xattr, \$(VFS_ACL_XATTR_OBJ), "bin/acl_xattr.$SHLIBEXT", VFS) - +SMB_MODULE(vfs_smb_traffic_analyzer, \$(VFS_SMB_TRAFFIC_ANALYZER_OBJ), "bin/smb_traffic_analyzer.$SHLIBEXT", VFS) SMB_SUBSYSTEM(VFS,smbd/vfs.o) SMB_MODULE(gpext_registry, libgpo/gpext/registry.o, "bin/registry.$SHLIBEXT", GPEXT) SMB_MODULE(gpext_scripts, libgpo/gpext/scripts.o, "bin/scripts.$SHLIBEXT", GPEXT) +SMB_MODULE(gpext_security, libgpo/gpext/security.o, "bin/security.$SHLIBEXT", GPEXT) SMB_SUBSYSTEM(GPEXT, libgpo/gpext/gpext.o) AC_DEFINE_UNQUOTED(STRING_STATIC_MODULES, "$string_static_modules", [String list of builtin modules]) @@ -6271,8 +6274,14 @@ fi SMBD_LIBS="$samba_dmapi_libs" AC_SUBST(SMBD_LIBS) +CFLAGS="${CFLAGS} \$(FLAGS)" + if test x$MERGED_BUILD != x1; then - CFLAGS="${CFLAGS} \$(FLAGS) -D_SAMBA_BUILD_=3" + CFLAGS="${CFLAGS} -D_SAMBA_BUILD_=3" +else + if test x"$BLDSHARED" = x"true" ; then + LDFLAGS="$LDFLAGS -L./bin" + fi fi AC_OUTPUT(Makefile diff --git a/source3/dynconfig.c b/source3/dynconfig.c index 3a54507599..6125f9944c 100644 --- a/source3/dynconfig.c +++ b/source3/dynconfig.c @@ -77,6 +77,7 @@ DEFINE_DYN_CONFIG_PARAM(MODULESDIR) DEFINE_DYN_CONFIG_PARAM(SHLIBEXT) DEFINE_DYN_CONFIG_PARAM(LOCKDIR) DEFINE_DYN_CONFIG_PARAM(PIDDIR) +DEFINE_DYN_CONFIG_PARAM(NCALRPCDIR) DEFINE_DYN_CONFIG_PARAM(SMB_PASSWD_FILE) DEFINE_DYN_CONFIG_PARAM(PRIVATE_DIR) diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c index 7cee53a968..29927eb592 100644 --- a/source3/groupdb/mapping_tdb.c +++ b/source3/groupdb/mapping_tdb.c @@ -666,8 +666,7 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) if (num == 0) { status = dbwrap_delete_bystring(db, key); - TALLOC_FREE(sids); - goto cancel; + goto commit; } member_string = talloc_strdup(sids, ""); @@ -693,7 +692,7 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member) status = dbwrap_store_bystring( db, key, string_term_tdb_data(member_string), 0); - + commit: TALLOC_FREE(sids); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/include/charset.h b/source3/include/charset.h index 4d04b5a1a6..1c2a5fb5f0 100644 --- a/source3/include/charset.h +++ b/source3/include/charset.h @@ -18,6 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ +struct smb_iconv_convenience; + /* this defines the charset types used in samba */ typedef enum {CH_UTF16LE=0, CH_UTF16=0, CH_UNIX=1, CH_DISPLAY=2, CH_DOS=3, CH_UTF8=4, CH_UTF16BE=5} charset_t; diff --git a/source3/include/dynconfig.h b/source3/include/dynconfig.h index 758bde33cc..8267064f23 100644 --- a/source3/include/dynconfig.h +++ b/source3/include/dynconfig.h @@ -71,6 +71,10 @@ const char *get_dyn_PIDDIR(void); const char *set_dyn_PIDDIR(const char *newpath); bool is_default_dyn_PIDDIR(void); +const char *get_dyn_NCALRPCDIR(void); +const char *set_dyn_NCALRPCDIR(const char *newpath); +bool is_default_dyn_NCALRPCDIR(void); + const char *get_dyn_SMB_PASSWD_FILE(void); const char *set_dyn_SMB_PASSWD_FILE(const char *newpath); bool is_default_dyn_SMB_PASSWD_FILE(void); diff --git a/source3/include/hmacmd5.h b/source3/include/hmacmd5.h deleted file mode 100644 index ae588fb889..0000000000 --- a/source3/include/hmacmd5.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Interface header: Scheduler service - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 - Copyright (C) Andrew Tridgell 1992-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _HMAC_MD5_H - -typedef struct { - struct MD5Context ctx; - unsigned char k_ipad[65]; - unsigned char k_opad[65]; -} HMACMD5Context; - -#endif /* _HMAC_MD5_H */ diff --git a/source3/include/idmap.h b/source3/include/idmap.h index 95c3e4c0c2..4322192155 100644 --- a/source3/include/idmap.h +++ b/source3/include/idmap.h @@ -31,8 +31,9 @@ Updated to 3 for enum types by JRA. */ /* Updated to 4, completely new interface, SSS */ +/* Updated to 5, simplified interface by Volker */ -#define SMB_IDMAP_INTERFACE_VERSION 4 +#define SMB_IDMAP_INTERFACE_VERSION 5 struct idmap_domain { const char *name; diff --git a/source3/include/includes.h b/source3/include/includes.h index ccdc6d3fd3..79495a7ecf 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -686,8 +686,9 @@ typedef char fstring[FSTRING_LEN]; #include "authdata.h" #include "msdfs.h" #include "rap.h" -#include "md5.h" -#include "hmacmd5.h" +#include "../lib/crypto/md5.h" +#include "../lib/crypto/crc32.h" +#include "../lib/crypto/hmacmd5.h" #include "ntlmssp.h" #include "auth.h" #include "ntdomain.h" @@ -703,6 +704,7 @@ typedef char fstring[FSTRING_LEN]; #include "librpc/gen_ndr/notify.h" #include "librpc/gen_ndr/xattr.h" #include "librpc/gen_ndr/messaging.h" +#include "librpc/gen_ndr/ndr_nbt.h" #include "librpc/rpc/dcerpc.h" #include "nt_printing.h" #include "idmap.h" diff --git a/source3/include/libmsrpc.h b/source3/include/libmsrpc.h deleted file mode 100644 index 3f2a7260ca..0000000000 --- a/source3/include/libmsrpc.h +++ /dev/null @@ -1,3045 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * MS-RPC client library API definitions/prototypes - * - * Copyright (C) Chris Nicholls 2005. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef LIBMSRPC_H -#define LIBMSRPC_H - - -#include "includes.h" -#include "libsmbclient.h" -#include "libsmb_internal.h" - -/*server capability levels*/ -#define SRV_WIN_NT4 1 -#define SRV_WIN_2K 2 -#define SRV_WIN_2K_SP3 3 -#define SRV_WIN_2K3 4 - -/**@defgroup handle Server Handle*/ -/**@defgroup Library_Functions Library/Utility Functions*/ -/**@defgroup lsa_defs LSA Definitions*/ -/**@defgroup LSA_Functions LSA Functions*/ -/**@defgroup reg_defs Registry Definitions*/ -/**@defgroup Reg_Functions Registry Functions*/ -/**@defgroup sam_defs SAM Definitions*/ -/**@defgroup SAM_Functions SAM Functions*/ -/**@defgroup svc_defs Service Control Definitions*/ -/**@defgroup SCM_Functions Service Control Functions*/ - -/**Operation was unsuccessful*/ -#define CAC_FAILURE 0 -/**Operation was successful*/ -#define CAC_SUCCESS 1 -/**Operation was only partially successful - * an example of this is if you try to lookup a list of accounts to SIDs and not all accounts can be resolved*/ -#define CAC_PARTIAL_SUCCESS 2 - -/**@ingroup CAC_errors Use this to see if the last operation failed - useful for enumeration functions that use multiple calls*/ -#define CAC_OP_FAILED(status) !NT_STATUS_IS_OK(status) && \ - NT_STATUS_V(status) != NT_STATUS_V(STATUS_SOME_UNMAPPED) && \ - NT_STATUS_V(status) != NT_STATUS_V(STATUS_NO_MORE_FILES) && \ - NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NO_MORE_ENTRIES) && \ - NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NONE_MAPPED) && \ - NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED) - - -/**Privilege string constants*/ -#define CAC_SE_CREATE_TOKEN "SeCreateTokenPrivilege" -#define CAC_SE_ASSIGN_PRIMARY_TOKEN "SeAssignPrimaryTokenPrivilege" -#define CAC_SE_LOCK_MEMORY "SeLockMemoryPrivilege" -#define CAC_SE_INCREASE_QUOTA "SeIncreaseQuotaPrivilege" -#define CAC_SE_MACHINE_ACCOUNT "SeMachineAccountPrivilege" -#define CAC_SE_TCB "SeTcbPrivilege" -#define CAC_SE_SECURITY "SeSecurityPrivilege" -#define CAC_SE_TAKE_OWNERSHIP "SeTakeOwnershipPrivilege" -#define CAC_SE_LOAD_DRIVER "SeLoadDriverPrivilege" -#define CAC_SE_SYSTEM_PROFILE "SeSystemProfilePrivilege" -#define CAC_SE_SYSTEM_TIME "SeSystemtimePrivilege" -#define CAC_SE_PROFILE_SINGLE_PROC "SeProfileSingleProcessPrivilege" -#define CAC_SE_INCREASE_BASE_PRIORITY "SeIncreaseBasePriorityPrivilege" -#define CAC_SE_CREATE_PAGEFILE "SeCreatePagefilePrivilege" -#define CAC_SE_CREATE_PERMANENT "SeCreatePermanentPrivilege" -#define CAC_SE_BACKUP "SeBackupPrivilege" -#define CAC_SE_RESTORE "SeRestorePrivilege" -#define CAC_SE_SHUTDOWN "SeShutdownPrivilege" -#define CAC_SE_DEBUG "SeDebugPrivilege" -#define CAC_SE_AUDIT "SeAuditPrivilege" -#define CAC_SE_SYSTEM_ENV "SeSystemEnvironmentPrivilege" -#define CAC_SE_CHANGE_NOTIFY "SeChangeNotifyPrivilege" -#define CAC_SE_REMOTE_SHUTDOWN "SeRemoteShutdownPrivilege" -#define CAC_SE_UNDOCK "SeUndockPrivilege" -#define CAC_SE_SYNC_AGENT "SeSyncAgentPrivilege" -#define CAC_SE_ENABLE_DELEGATION "SeEnableDelegationPrivilege" -#define CAC_SE_MANAGE_VOLUME "SeManageVolumePrivilege" -#define CAC_SE_IMPERSONATE "SeImpersonatePrivilege" -#define CAC_SE_CREATE_GLOBAL "SeCreateGlobalPrivilege" -#define CAC_SE_PRINT_OPERATOR "SePrintOperatorPrivilege" -#define CAC_SE_NETWORK_LOGON "SeNetworkLogonRight" -#define CAC_SE_INTERACTIVE_LOGON "SeInteractiveLogonRight" -#define CAC_SE_BATCH_LOGON "SeBatchLogonRight" -#define CAC_SE_SERVICE_LOGON "SeServiceLogonRight" -#define CAC_SE_ADD_USERS "SeAddUsersPrivilege" -#define CAC_SE_DISK_OPERATOR "SeDiskOperatorPrivilege" - -/** - * @addtogroup lsa_defs - * @{ - */ -/**used to specify what data to retrieve using cac_LsaQueryTrustedDomainInformation*/ -#define CAC_INFO_TRUSTED_DOMAIN_NAME 0x1 -#define CAC_INFO_TRUSTED_DOMAIN_POSIX_OFFSET 0x3 -#define CAC_INFO_TRUSTED_DOMAIN_PASSWORD 0x4 - -/**Used when requesting machine domain information*/ -#define CAC_DOMAIN_INFO 0x0003 - -/**Used when requesting machine local information*/ -#define CAC_LOCAL_INFO 0x0005 - -/**Stores information about a SID*/ -typedef struct _CACSIDINFO { - /**The actual SID*/ - DOM_SID sid; - - /**The name of the object which maps to this SID*/ - char *name; - - /**The domain the SID belongs to*/ - char *domain; -} CacSidInfo; -/* @} */ - -/** - * @addtogroup reg_defs - * @{ - */ -/**Null terminated string*/ -typedef char* REG_SZ_DATA; - -/**Null terminated string with windows environment variables that should be expanded*/ -typedef char* REG_EXPAND_SZ_DATA; - -/**Binary data of some kind*/ -typedef struct _REGBINARYDATA { - uint32 data_length; - uint8 * data; -} REG_BINARY_DATA; - -/**32-bit (little endian) number*/ -typedef uint32 REG_DWORD_DATA; - -/**32-bit big endian number*/ -typedef uint32 REG_DWORD_BE_DATA; - -/**array of strings*/ -typedef struct _REGMULTISZDATA { - uint32 num_strings; - - char **strings; -} REG_MULTI_SZ_DATA; - -typedef union _REGVALUEDATA { - REG_SZ_DATA reg_sz; - REG_EXPAND_SZ_DATA reg_expand_sz; - REG_BINARY_DATA reg_binary; - REG_DWORD_DATA reg_dword; - REG_DWORD_BE_DATA reg_dword_be; - REG_MULTI_SZ_DATA reg_multi_sz; -} REG_VALUE_DATA; -/**@}*/ - -/** - * @addtogroup sam_defs - * @{ - */ - -#define CAC_USER_RID 0x1 -#define CAC_GROUP_RID 0x2 - -typedef struct _CACLOOKUPRIDSRECORD { - char *name; - uint32 rid; - - /**If found, this will be one of: - * - CAC_USER_RID - * - CAC_GROUP_RID - */ - uint32 type; - - /*if the name or RID was looked up, then found = True*/ - bool found; -} CacLookupRidsRecord; - -typedef struct _CACUSERINFO { - /**Last logon time*/ - time_t logon_time; - - /**Last logoff time*/ - time_t logoff_time; - - /**Last kickoff time*/ - time_t kickoff_time; - - /**Last password set time*/ - time_t pass_last_set_time; - - /**Time password can change*/ - time_t pass_can_change_time; - - /**Time password must change*/ - time_t pass_must_change_time; - - /**LM user password*/ - uint8 lm_password[8]; - - /**NT user password*/ - uint8 nt_password[8]; - - /**User's RID*/ - uint32 rid; - - /**RID of primary group*/ - uint32 group_rid; - - /**User's ACB mask*/ - uint32 acb_mask; - - /**Bad password count*/ - uint16 bad_passwd_count; - - /**Number of logons*/ - uint16 logon_count; - - /**Change password at next logon?*/ - bool pass_must_change; - - /**Username*/ - char *username; - - /**User's full name*/ - char *full_name; - - /**User's home directory*/ - char *home_dir; - - /**Home directory drive*/ - char *home_drive; - - /**Logon script*/ - char *logon_script; - - /**Path to profile*/ - char *profile_path; - - /**Account description*/ - char *description; - - /**Login from workstations*/ - char *workstations; - - char *dial; - - /**Possible logon hours*/ - LOGON_HRS *logon_hours; - -} CacUserInfo; - -typedef struct _CACGROUPINFO { - /**Group name*/ - char *name; - - /**Description*/ - char *description; - - /**Number of members*/ - uint32 num_members; -} CacGroupInfo, CacAliasInfo; - -/**Represents a period (duration) of time*/ -typedef struct _CACTIME { - /**Number of days*/ - uint32 days; - - /**Number of hours*/ - uint32 hours; - - /**Number of minutes*/ - uint32 minutes; - - /**number of seconds*/ - uint32 seconds; -} CacTime; - - -typedef struct _CACDOMINFO { - /**The server role. Should be one of: - * ROLE_STANDALONE - * ROLE_DOMAIN_MEMBER - * ROLE_DOMAIN_BDC - * ROLE_DOMAIN_PDC - * see include/smb.h - */ - uint32 server_role; - - /**Number of domain users*/ - uint32 num_users; - - /**Number of domain groups*/ - uint32 num_domain_groups; - - /**Number of local groups*/ - uint32 num_local_groups; - - /**Comment*/ - char *comment; - - /**Domain name*/ - char *domain_name; - - /**Server name*/ - char *server_name; - - /**Minimum password length*/ - uint16 min_pass_length; - - /**How many previous passwords to remember - ie, password cannot be the same as N previous passwords*/ - uint16 pass_history; - - /**How long (from now) before passwords expire*/ - CacTime expire; - - /**How long (from now) before passwords can be changed*/ - CacTime min_pass_age; - - /**How long users are locked out for too many bad password attempts*/ - CacTime lockout_duration; - - /**How long before lockouts are reset*/ - CacTime lockout_reset; - - /**How many bad password attempts before lockout occurs*/ - uint16 num_bad_attempts; -} CacDomainInfo; - -/**@}*/ /*sam_defs*/ - -/**@addtogroup svc_defs - * @{ - */ -typedef struct _CACSERVICE { - /**The service name*/ - char *service_name; - - /**The display name of the service*/ - char *display_name; - - /**Current status of the service - see include/rpc_svcctl.h for SERVICE_STATUS definition*/ - SERVICE_STATUS status; -} CacService; - -typedef struct __CACSERVICECONFIG { - /**The service type*/ - uint32 type; - - /**The start type. Should be one of: - * - SVCCTL_BOOT_START - * - SVCCTL_SYSTEM_START - * - SVCCTL_AUTO_START - * - SVCCTL_DEMAND_START - */ - uint32 start_type; - - uint32 error_control; - - /**Path to executable*/ - char *exe_path; - - /***/ - char *load_order_group; - - uint32 tag_id; - - /**Any dependencies for the service*/ - char *dependencies; - - /**Run as...*/ - char *start_name; - - /**Service display name*/ - char *display_name; - -} CacServiceConfig; -/**@}*/ /*svc_defs*/ - -#include "libmsrpc_internal.h" - -/** - * @addtogroup handle - * @{ - */ - -/** - * Server handle used to keep track of client/server/pipe information. Use cac_NewServerHandle() to allocate. - * Initiliaze as many values as possible before calling cac_Connect(). - * - * @note When allocating memory for the fields, use SMB_MALLOC() (or equivalent) instead of talloc() (or equivalent) - - * If memory is not allocated for a field, cac_Connect will allocate sizeof(fstring) bytes for it. - * - * @note It may be wise to allocate large buffers for these fields and strcpy data into them. - * - * @see cac_NewServerHandle() - * @see cac_FreeHandle() - */ -typedef struct _CACSERVERHANDLE { - /** debug level - */ - int debug; - - /** netbios name used to make connections - */ - char *netbios_name; - - /** domain name used to make connections - */ - char *domain; - - /** username used to make connections - */ - char *username; - - /** user's password plain text string - */ - char *password; - - /** name or IP address of server we are currently working with - */ - char *server; - - /**stores the latest NTSTATUS code - */ - NTSTATUS status; - - /** internal. do not modify! - */ - struct CacServerHandleInternal _internal; - -} CacServerHandle; - -/*@}*/ - -/**internal function. do not call this function*/ -SMBCSRV *cac_GetServer(CacServerHandle *hnd); - - -/** @addtogroup Library_Functions - * @{ - */ -/** - * Initializes the library - do not need to call this function. Open's smb.conf as well as initializes logging. - * @param debug Debug level for library to use - */ - -void cac_Init(int debug); - -/** - * Creates an un-initialized CacServerHandle - * @param allocate_fields If True, the function will allocate sizeof(fstring) bytes for all char * fields in the handle - * @return - un-initialized server handle - * - NULL if no memory could be allocated - */ -CacServerHandle * cac_NewServerHandle(bool allocate_fields); - -/** - * Specifies the smbc_get_auth_data_fn to use if you do not want to use the default. - * @param hnd non-NULL server handle - * @param auth_fn auth_data_fn to set in server handle - */ - -void cac_SetAuthDataFn(CacServerHandle *hnd, smbc_get_auth_data_fn auth_fn); - -/** Use your own libsmbclient context - not necessary. - * @note You must still call cac_Connect() after specifying your own libsmbclient context - * @param hnd Initialized, but not connected CacServerHandle - * @param ctx The libsmbclient context you would like to use. - */ -void cac_SetSmbcContext(CacServerHandle *hnd, SMBCCTX *ctx); - -/** Connects to a specified server. If there is already a connection to a different server, - * it will be cleaned up before connecting to the new server. - * @param hnd Pre-initialized CacServerHandle - * @param srv (Optional) Name or IP of the server to connect to. If NULL, server from the CacServerHandle will be used. - * - * @return CAC_FAILURE if the operation could not be completed successfully (hnd->status will also be set with a NTSTATUS code) - * @return CAC_SUCCESS if the operation succeeded - */ -int cac_Connect(CacServerHandle *hnd, const char *srv); - - -/** - * Cleans up any data used by the CacServerHandle. If the libsmbclient context was set using cac_SetSmbcContext(), it will not be free'd. - * @param hnd the CacServerHandle to destroy - */ -void cac_FreeHandle(CacServerHandle * hnd); - -/** - * Initializes a CacTime structure based on an NTTIME structure - * If the function fails, then the CacTime structure will be zero'd out - */ -void cac_InitCacTime(CacTime *cactime, NTTIME nttime); - -/** - * Called by cac_NewServerHandle() if allocate_fields = True. You can call this if you want to, allocates sizeof(fstring) char's for every char * field - * @param hnd Uninitialized server handle - * @return CAC_FAILURE Memory could not be allocated - * @return CAC_SUCCESS Memory was allocated - */ -int cac_InitHandleMem(CacServerHandle *hnd); - -/** - * Default smbc_get_auth_data_fn for libmsrpc. This function is called when libmsrpc needs to get more information about the - * client (username/password, workgroup). - * This function provides simple prompts to the user to enter the information. This description his here so you know how to re-define this function. - * @see cac_SetAuthDataFn() - * @param pServer Name/IP of the server to connect to. - * @param pShare Share name to connect to - * @param pWorkgroup libmsrpc passes in the workgroup/domain name from hnd->domain. It can be modified in the function. - * @param maxLenWorkgroup The maximum length of a string pWogroup can hold. - * @param pUsername libmsrpc passes in the username from hnd->username. It can be modified in the function. - * @param maxLenUsername The maximum length of a string pUsername can hold. - * @param pPassword libmsrpc pass in the password from hnd->password. It can be modified in the function. - * @param maxLenPassword The maximum length of a string pPassword can hold. - */ -void cac_GetAuthDataFn(const char * pServer, - const char * pShare, - char * pWorkgroup, - int maxLenWorkgroup, - char * pUsername, - int maxLenUsername, - char * pPassword, - int maxLenPassword); - - -/**@}*/ - -/***************** - * LSA Functions * - *****************/ - -/** @addtogroup LSA_Functions - * @{ - */ - -struct LsaOpenPolicy { - /**Inputs*/ - struct { - /**Access Mask. Refer to Security Access Masks in include/rpc_secdes.h*/ - uint32 access; - - /**Use security quality of service? (True/False)*/ - bool security_qos; - } in; - - /**Outputs*/ - struct { - /**Handle to the open policy (needed for all other operations)*/ - POLICY_HND *pol; - } out; -}; - -/** - * Opens a policy handle on a remote machine. - * @param hnd fully initialized CacServerHandle for remote machine - * @param mem_ctx Talloc context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE if the policy could not be opened. hnd->status set with appropriate NTSTATUS - * @return CAC_SUCCESS if the policy could be opened, the policy handle can be found - */ -int cac_LsaOpenPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenPolicy *op); - - -/** - * Closes an LSA policy handle (Retrieved using cac_LsaOpenPolicy). - * If successful, the handle will be closed on the server, and memory for pol will be freed - * @param hnd - An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param pol - the policy handle to close - * @return CAC_FAILURE could not close the policy handle, hnd->status is set to the appropriate NTSTATUS error code - * @return CAC_SUCCESS the policy handle was closed - */ -int cac_LsaClosePolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *pol); - - -struct LsaGetNamesFromSids { - struct { - /**handle to and open LSA policy*/ - POLICY_HND *pol; - - /**the number of SIDs to lookup*/ - uint32 num_sids; - - /**array of SIDs to lookup*/ - DOM_SID *sids; - } in; - - struct { - /**The number of names returned (in case of CAC_PARTIAL_SUCCESS)*/ - uint32 num_found; - - /**array of SID info each index is one sid */ - CacSidInfo *sids; - - /**in case of partial success, an array of SIDs that could not be looked up (NULL if all sids were looked up)*/ - DOM_SID *unknown; - } out; -}; - -/** - * Looks up the names for a list of SIDS - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code - * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output - * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs - */ -int cac_LsaGetNamesFromSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetNamesFromSids *op); - -struct LsaGetSidsFromNames { - struct { - /**handle to an open LSA policy*/ - POLICY_HND *pol; - - /**number of SIDs to lookup*/ - uint32 num_names; - - /**array of strings listing the names*/ - char **names; - } in; - - struct { - /**The number of SIDs returned (in case of partial success*/ - uint32 num_found; - - /**array of SID info for the looked up names*/ - CacSidInfo *sids; - - /**in case of partial success, the names that were not looked up*/ - char **unknown; - } out; -}; - -/** - * Looks up the SIDs for a list of names - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code - * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output - * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs - */ -int cac_LsaGetSidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSidsFromNames *op); - -struct LsaFetchSid { - struct { - /**handle to an open LSA policy*/ - POLICY_HND *pol; - - /**can be CAC_LOCAL_INFO, CAC_DOMAIN_INFO, or (CAC_LOCAL_INFO | CAC_DOMAIN_INFO)*/ - uint16 info_class; - } in; - - struct { - /**the machine's local SID and domain name (NULL if not asked for)*/ - CacSidInfo *local_sid; - - /**the machine's domain SID and name (NULL if not asked for)*/ - CacSidInfo *domain_sid; - - } out; -}; - -/** - * Looks up the domain or local sid of a machine with an open LSA policy handle - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * @return CAC_FAILURE if the SID could not be fetched - * @return CAC_SUCCESS if the SID was fetched - * @return CAC_PARTIAL_SUCCESS if you asked for both local and domain sids but only one was returned - */ -int cac_LsaFetchSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaFetchSid *op); - -struct LsaQueryInfoPolicy { - struct { - /**Open LSA policy handle on remote server*/ - POLICY_HND *pol; - } in; - - struct { - /**remote server's domain name*/ - char *domain_name; - - /**remote server's dns name*/ - char *dns_name; - - /**remote server's forest name*/ - char *forest_name; - - /**remote server's domain guid*/ - struct GUID *domain_guid; - - /**remote server's domain SID*/ - DOM_SID *domain_sid; - } out; -}; - -/** - * Retrieves information about the LSA machine/domain - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * Note: for pre-Windows 2000 machines, only op->out.SID and op->out.domain will be set. @see cac_LsaFetchSid - * @return - CAC_FAILURE if the operation was not successful. hnd->status will be set with an accurate NT_STATUS code - * @return CAC_SUCCESS the operation was successful. - */ -int cac_LsaQueryInfoPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryInfoPolicy *op); - -struct LsaEnumSids { - struct { - /**Open LSA Policy handle*/ - POLICY_HND *pol; - - /**The prefered maximum number of SIDs returned per call*/ - uint32 pref_max_sids; - } in; - - struct { - /**used to keep track of how many sids have been retrieved over multiple calls - * should be set to zero via ZERO_STRUCT() befrore the first call. Use the same struct LsaEnumSids for multiple calls*/ - uint32 resume_idx; - - /**The number of sids returned this call*/ - uint32 num_sids; - - /**Array of sids returned*/ - DOM_SID *sids; - - } out; -}; - -/** - * Enumerates the SIDs in the LSA. Can be enumerated in blocks by calling the function multiple times. - * Example: while(cac_LsaEnumSids(hnd, mem_ctx, op) { ... } - * @param hnd - An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE there was an error during operations OR there are no more results - * @return CAC_SUCCESS the operation completed and results were returned - */ -int cac_LsaEnumSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumSids *op); - -struct LsaEnumAccountRights { - struct { - /**Open LSA Policy handle*/ - POLICY_HND *pol; - - /**(Optional) SID of the account - must supply either sid or name*/ - DOM_SID *sid; - - /**(Optional) name of the account - must supply either sid or name*/ - char *name; - } in; - - struct { - /**Count of rights for this account*/ - uint32 num_privs; - - /**array of privilege names*/ - char **priv_names; - } out; -}; - -/** - * Enumerates rights assigned to a given account. Takes a SID instead of account handle as input - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the rights could not be retrieved. hnd->status is set with NT_STATUS code - * @return CAC_SUCCESS the operation was successful. - */ - -int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op); - -struct LsaEnumTrustedDomains { - struct { - /**Open LSA policy handle*/ - POLICY_HND *pol; - } in; - - struct { - /**used to keep track of how many domains have been retrieved over multiple calls - * should be set to zero via ZERO_STRUCT() before the first call. Use the same struct LsaEnumSids for multiple calls*/ - uint32 resume_idx; - - /**The number of domains returned by the remote server this call*/ - uint32 num_domains; - - /**array of trusted domain names returned by the remote server*/ - char **domain_names; - - /**array of trusted domain sids returned by the remote server*/ - DOM_SID *domain_sids; - } out; -}; - -/** - * Enumerates the trusted domains in the LSA. - * @param hnd - An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op - initialized parameters - * @return CAC_FAILURE there was an error during operations OR there are no more results - * @return CAC_SUCCESS the operation completed and results were returned - */ -int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op); - -struct LsaOpenTrustedDomain { - struct { - /**an open LSA policy handle*/ - POLICY_HND *pol; - - /**SID of the trusted domain to open*/ - DOM_SID *domain_sid; - - /**Desired access on the open domain*/ - uint32 access; - } in; - - struct { - /**A handle to the policy that is opened*/ - POLICY_HND *domain_pol; - } out; -}; - -/** - * Opens a trusted domain by SID. - * @param hnd An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op initialized I/O parameters - * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code - * @return CAC_SUCCESS the domain was opened successfully - */ -int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op); - -struct LsaQueryTrustedDomainInfo { - struct { - /**Open LSA policy handle*/ - POLICY_HND *pol; - - /**Info class of returned data*/ - uint16 info_class; - - /**(Optional)SID of trusted domain to query (must specify either SID or name of trusted domain)*/ - DOM_SID *domain_sid; - - /**(Optional)Name of trusted domain to query (must specify either SID or name of trusted domain)*/ - char *domain_name; - } in; - - struct { - /**information about the trusted domain*/ - LSA_TRUSTED_DOMAIN_INFO *info; - } out; -}; - -/** - * Retrieves information a trusted domain. - * @param hnd An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op initialized I/O parameters - * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code - * @return CAC_SUCCESS the domain was opened successfully - */ - -int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op); - -struct LsaEnumPrivileges { - struct { - /**An open LSA policy handle*/ - POLICY_HND *pol; - - /**The _preferred_ maxinum number of privileges returned per call*/ - uint32 pref_max_privs; - } in; - - struct { - /**Used to keep track of how many privileges have been retrieved over multiple calls. Do not modify this value between calls*/ - uint32 resume_idx; - - /**The number of privileges returned this call*/ - uint32 num_privs; - - /**Array of privilege names*/ - char **priv_names; - - /**Array of high bits for privilege LUID*/ - uint32 *high_bits; - - /**Array of low bits for privilege LUID*/ - uint32 *low_bits; - } out; -}; - -/** - * Enumerates the Privileges supported by the LSA. Can be enumerated in blocks by calling the function multiple times. - * Example: while(cac_LsaEnumPrivileges(hnd, mem_ctx, op) { ... } - * @param hnd An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE there was an error during operations OR there are no more results - * @return CAC_SUCCESS the operation completed and results were returned - * @see CAC_OP_FAILED() - */ -int cac_LsaEnumPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumPrivileges *op); - -struct LsaOpenAccount { - struct { - /**An open LSA policy handle*/ - POLICY_HND *pol; - - /**(Optional) account SID - must supply either sid or name*/ - DOM_SID *sid; - - /**(Optional) account name - must supply either sid or name*/ - char *name; - - /**desired access for the handle*/ - uint32 access; - } in; - - struct { - /**A handle to the opened user*/ - POLICY_HND *user; - } out; -}; - -/** - * Opens a handle to an account in the LSA - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the account could not be opened. hnd->status has appropriate NT_STATUS code - * @return CAC_SUCCESS the account was opened - */ -int cac_LsaOpenAccount(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenAccount *op); - -struct LsaAddPrivileges { - struct { - /**An open LSA policy handle*/ - POLICY_HND *pol; - - /**(Optional) The user's SID (must specify at least sid or name)*/ - DOM_SID *sid; - - /**(Optional) The user's name (must specify at least sid or name)*/ - char *name; - - /**The privilege names of the privileges to add for the account*/ - char **priv_names; - - /**The number of privileges in the priv_names array*/ - uint32 num_privs; - - } in; -}; - -/** - * Adds Privileges an account. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the privileges could not be set. hnd->status has appropriate NT_STATUS code - * @return CAC_SUCCESS the privileges were set. - */ -int cac_LsaAddPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); - -struct LsaRemovePrivileges { - struct { - /**An open handle to the LSA*/ - POLICY_HND *pol; - - /**(Optional) The account SID (must specify at least sid or name)*/ - DOM_SID *sid; - - /**(Optional) The account name (must specify at least sid or name)*/ - char *name; - - /**The privilege names of the privileges to remove from the account*/ - char **priv_names; - - /**The number of privileges in the priv_names array*/ - uint32 num_privs; - - } in; - -}; - -/** - * Removes a _specific_ set of privileges from an account - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the privileges could not be removed. hnd->status is set with NT_STATUS code - * @return CAC_SUCCESS the privileges were removed - */ -int cac_LsaRemovePrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaRemovePrivileges *op); - -struct LsaClearPrivileges { - struct { - /**An open handle to the LSA*/ - POLICY_HND *pol; - - /**(Optional) The user's SID (must specify at least sid or name)*/ - DOM_SID *sid; - - /**(Optional) The user's name (must specify at least sid or name)*/ - char *name; - } in; - -}; - -/** - * Removes ALL privileges from an account - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the operation was not successful, hnd->status set with NT_STATUS code - * @return CAC_SUCCESS the opeartion was successful. - */ -int cac_LsaClearPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaClearPrivileges *op); - -/** - * Sets an accounts priviliges. Removes all privileges and then adds specified privileges. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_LsaSetPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); - -struct LsaGetSecurityObject { - struct { - /**Open LSA policy handle*/ - POLICY_HND *pol; - } in; - - struct { - /**Returned security descriptor information*/ - SEC_DESC_BUF *sec; - } out; -}; - -/** - * Retrieves Security Descriptor information about the LSA - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_LsaGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSecurityObject *op); - - -/**@}*/ /*LSA_Functions*/ - -/********************** - * Registry Functions * - *********************/ - -/**@addtogroup Reg_Functions - * @{ - */ - -struct RegConnect { - struct { - /** must be one of : - * HKEY_CLASSES_ROOT, - * HKEY_LOCAL_MACHINE, - * HKEY_USERS, - * HKEY_PERFORMANCE_DATA, - */ - int root; - - /**desired access on the root key - * combination of: - * REG_KEY_READ, - * REG_KEY_WRITE, - * REG_KEY_EXECUTE, - * REG_KEY_ALL, - * found in include/rpc_secdes.h*/ - uint32 access; - } in; - - struct { - POLICY_HND *key; - } out; -}; - -/** - * Opens a handle to the registry on the server - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegConnect *op); - -/** - * Closes an open registry handle - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param key The Key/Handle to close - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *key); - -struct RegOpenKey { - struct { - /**(Optional)parent key. - * If this is NULL, then cac_RegOpenKey() will attempt to connect to the registry, name MUST start with something like:<br> - * HKEY_LOCAL_MACHINE\ or an abbreviation like HKCR\ - * - * supported root names: - * - HKEY_LOCAL_MACHINE\ or HKLM\ - * - HKEY_CLASSES_ROOT\ or HKCR\ - * - HKEY_USERS\ or HKU\ - * - HKEY_PERFORMANCE_DATA or HKPD\ - */ - POLICY_HND *parent_key; - - /**name/path of key*/ - char *name; - - /**desired access on this key*/ - uint32 access; - } in; - - struct { - POLICY_HND *key; - } out; -}; - -/** - * Opens a registry key - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegOpenKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegOpenKey *op); - -struct RegEnumKeys { - struct { - /**enumerate subkeys of this key*/ - POLICY_HND *key; - - /**maximum number of keys to enumerate each call*/ - uint32 max_keys; - } in; - - struct { - /**keeps track of the index to resume enumerating*/ - uint32 resume_idx; - - /**the number of keys returned this call*/ - uint32 num_keys; - - /**array of key names*/ - char **key_names; - - /**class names of the keys*/ - char **class_names; - - /**last modification time of the key*/ - time_t *mod_times; - } out; -}; - -/** - * Enumerates Subkeys of a given key. Can be run in a loop. Example: while(cac_RegEnumKeys(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @see CAC_OP_FAILED() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegEnumKeys(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumKeys *op); - - -struct RegCreateKey { - struct { - /**create a subkey of parent_key*/ - POLICY_HND *parent_key; - - /**name of the key to create*/ - char *key_name; - - /**class of the key*/ - char *class_name; - - /**Access mask to open the key with. See REG_KEY_* in include/rpc_secdes.h*/ - uint32 access; - } in; - - struct { - /**Open handle to the key*/ - POLICY_HND *key; - } out; -}; - -/** - * Creates a registry key, if the key already exists, it will be opened __Creating keys is not currently working__. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parmeters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegCreateKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegCreateKey *op); - -struct RegDeleteKey { - struct { - /**handle to open registry key*/ - POLICY_HND *parent_key; - - /**name of the key to delete*/ - char *name; - - /**delete recursively. WARNING: this might not always work as planned*/ - bool recursive; - } in; - -}; - -/** - * Deletes a subkey of an open key. Note: if you run this with op->in.recursive == True, and the operation fails, it may leave the key in an inconsistent state. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegDeleteKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteKey *op); - -struct RegDeleteValue { - struct { - /**handle to open registry key*/ - POLICY_HND *parent_key; - - /**name of the value to delete*/ - char *name; - } in; -}; - -/** - * Deletes a registry value. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegDeleteValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteValue *op); - -struct RegQueryKeyInfo { - struct { - /**Open handle to the key to query*/ - POLICY_HND *key; - } in; - - struct { - /**name of the key class*/ - char *class_name; - - /**number of subkeys of the key*/ - uint32 num_subkeys; - - /**length (in characters) of the longest subkey name*/ - uint32 longest_subkey; - - /**length (in characters) of the longest class name*/ - uint32 longest_class; - - /**number of values in this key*/ - uint32 num_values; - - /**length (in characters) of the longest value name*/ - uint32 longest_value_name; - - /**length (in bytes) of the biggest value data*/ - uint32 longest_value_data; - - /**size (in bytes) of the security descriptor*/ - uint32 security_desc_size; - - /**time of the last write*/ - time_t last_write_time; - } out; -}; - -/** - * Retrieves information about an open key - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegQueryKeyInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryKeyInfo *op); - -struct RegSaveKey { - struct { - /**Open key to be saved*/ - POLICY_HND *key; - - /**The path (on the remote computer) to save the file to*/ - char *filename; - } in; -}; - -/** - * Saves a key to a file on the remote machine __Not currently working__. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegSaveKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSaveKey *op); - -struct RegQueryValue { - struct { - /**handle to open registry key*/ - POLICY_HND *key; - - /**name of the value to query*/ - char *val_name; - } in; - - struct { - /**Value type. - * One of: - * - REG_DWORD (equivalent to REG_DWORD_LE) - * - REG_DWORD_BE - * - REG_SZ - * - REG_EXPAND_SZ - * - REG_MULTI_SZ - * - REG_BINARY - */ - uint32 type; - - /**The value*/ - REG_VALUE_DATA *data; - } out; -}; - -/** - * Retrieves a value (type and data) _not currently working_. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegQueryValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryValue *op); - -struct RegEnumValues { - struct { - /**handle to open key*/ - POLICY_HND *key; - - /**max number of values returned per call*/ - uint32 max_values; - - } in; - - struct { - /**keeps track of the index to resume from - used over multiple calls*/ - uint32 resume_idx; - - /**the number of values that were returned this call*/ - uint32 num_values; - - /**Array of value types. A type can be one of: - * - REG_DWORD (equivalent to REG_DWORD_LE) - * - REG_DWORD_BE - * - REG_SZ - * - REG_EXPAND_SZ - * - REG_MULTI_SZ - * - REG_BINARY - */ - uint32 *types; - - /**array of strings storing the names of the values*/ - char **value_names; - - /**array of pointers to the value data returned*/ - REG_VALUE_DATA **values; - } out; -}; - -/** - * Enumerates a number of Registry values in an open registry key. - * Can be run in a loop. Example: while(cac_RegEnumValues(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @see CAC_OP_FAILED() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegEnumValues(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumValues *op); - -struct RegSetValue { - struct { - /**Handle to open registry key*/ - POLICY_HND *key; - - /**Name of the value*/ - char *val_name; - - /**Value type. - * One of: - * - REG_DWORD (equivalent to REG_DWORD_LE) - * - REG_DWORD_BE - * - REG_SZ - * - REG_EXPAND_SZ - * - REG_MULTI_SZ - * - REG_BINARY - */ - uint32 type; - - /**the value*/ - REG_VALUE_DATA value; - } in; -}; - -/** - * Sets or creates value (type and data). - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegSetValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetValue *op); - -struct RegGetVersion { - struct { - /**open registry key*/ - POLICY_HND *key; - } in; - - struct { - /**version number*/ - uint32 version; - } out; -}; - -/** - * Retrieves the registry version number - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegGetVersion(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetVersion *op); - -struct RegGetKeySecurity { - struct { - /**Handle to key to query*/ - POLICY_HND *key; - - /**Info that you want. Should be a combination of (1 or more or'd): - * - OWNER_SECURITY_INFORMATION - * - GROUP_SECURITY_INFORMATION - * - DACL_SECURITY_INFORMATION - * - SACL_SECURITY_INFORMATION - * - UNPROTECTED_SACL_SECURITY_INFORMATION - * - UNPROTECTED_DACL_SECURITY_INFORMATION - * - PROTECTED_SACL_SECURITY_INFORMATION - * - PROTECTED_DACL_SECURITY_INFORMATION - * - * or use: - * - ALL_SECURITY_INFORMATION - * - * all definitions from include/rpc_secdes.h - */ - uint32 info_type; - } in; - - struct { - /**size of the data returned*/ - uint32 size; - - /**Security descriptor*/ - SEC_DESC *descriptor; - } out; -}; - -/** - * Retrieves a key security descriptor. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetKeySecurity *op); - -struct RegSetKeySecurity { - struct { - /**Handle to key to query*/ - POLICY_HND *key; - - /**Info that you want. Should be a combination of (1 or more or'd): - * - OWNER_SECURITY_INFORMATION - * - GROUP_SECURITY_INFORMATION - * - DACL_SECURITY_INFORMATION - * - SACL_SECURITY_INFORMATION - * - UNPROTECTED_SACL_SECURITY_INFORMATION - * - UNPROTECTED_DACL_SECURITY_INFORMATION - * - PROTECTED_SACL_SECURITY_INFORMATION - * - PROTECTED_DACL_SECURITY_INFORMATION - * - * or use: - * - ALL_SECURITY_INFORMATION - * - * all definitions from include/rpc_secdes.h - */ - uint32 info_type; - - /**size of the descriptor*/ - size_t size; - - /**Security descriptor*/ - SEC_DESC *descriptor; - } in; -}; - -/** - * Sets the key security descriptor. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegSetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetKeySecurity *op); - -/**@}*/ /*Reg_Functions*/ - -struct Shutdown { - struct { - /**the message to display (can be NULL)*/ - char *message; - - /**timeout in seconds*/ - uint32 timeout; - - /**False = shutdown, True = reboot*/ - bool reboot; - - /**force the*/ - bool force; - - /*FIXME: make this useful*/ - uint32 reason; - } in; -}; - - -/** - * Shutdown the server _not currently working_. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_Shutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct Shutdown *op); - -/** - * Attempt to abort initiated shutdown on the server _not currently working_. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_AbortShutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx); - -/***************** - * SAM Functions * - *****************/ - -/**@addtogroup SAM_Functions - * @{ - */ -struct SamConnect { - struct { - /**Access mask to open with - * see generic access masks in include/smb.h*/ - uint32 access; - } in; - - struct { - POLICY_HND *sam; - } out; -}; - -/** - * Connects to the SAM. This can be skipped by just calling cac_SamOpenDomain() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamConnect *op); - - -/** - * Closes any (SAM, domain, user, group, etc.) SAM handle. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param sam Handle to close - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *sam); - -struct SamOpenDomain { - struct { - /**The desired access. See generic access masks - include/smb.h*/ - uint32 access; - - /**(Optional) An open handle to the SAM. If it is NULL, the function will connect to the SAM with the access mask above*/ - POLICY_HND *sam; - - /**(Optional) The SID of the domain to open. - * If this this is NULL, the function will attempt to open the domain specified in hnd->domain */ - DOM_SID *sid; - } in; - - struct { - /**handle to the open domain*/ - POLICY_HND *dom_hnd; - - /**Handle to the open SAM*/ - POLICY_HND *sam; - } out; -}; - -/** - * Opens a handle to a domain. This must be called before any other SAM functions - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenDomain *op); - -struct SamCreateUser { - struct { - /**Open domain handle*/ - POLICY_HND *dom_hnd; - - /**Username*/ - char *name; - - /**See Allowable account control bits in include/smb.h*/ - uint32 acb_mask; - } in; - - struct { - /**handle to the user*/ - POLICY_HND *user_hnd; - - /**rid of the user*/ - uint32 rid; - } out; -}; - -/** - * Creates a new domain user, if the account already exists it will _not_ be opened and hnd->status will be NT_STATUS_USER_EXISTS - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamCreateUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateUser *op); - -struct SamOpenUser { - struct { - /**Handle to open SAM connection*/ - POLICY_HND *dom_hnd; - - /**desired access - see generic access masks in include/smb.h*/ - uint32 access; - - /**RID of the user*/ - uint32 rid; - - /**(Optional) name of the user - must supply either RID or user name*/ - char *name; - } in; - - struct { - /**Handle to the user*/ - POLICY_HND *user_hnd; - } out; -}; - -/** - * Opens a domain user. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenUser *op); - -/** - * Deletes a domain user. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param user_hnd Open handle to the user - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDeleteUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); - - -struct SamEnumUsers { - struct { - /**Open handle to a domain*/ - POLICY_HND *dom_hnd; - - /**Enumerate users with specific ACB. If 0, all users will be enumerated*/ - uint32 acb_mask; - } in; - - struct { - /**where to resume from. Used over multiple calls*/ - uint32 resume_idx; - - /**the number of users returned this call*/ - uint32 num_users; - - /**Array storing the rids of the returned users*/ - uint32 *rids; - - /**Array storing the names of all the users returned*/ - char **names; - - bool done; - } out; -}; - -/** - * Enumerates domain users. Can be used as a loop condition. Example: while(cac_SamEnumUsers(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnumUsers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumUsers *op); - -struct SamGetNamesFromRids { - struct { - /**An open handle to the domain SAM from cac_SamOpenDomain()*/ - POLICY_HND *dom_hnd; - - /**Number of RIDs to resolve*/ - uint32 num_rids; - - /**Array of RIDs to resolve*/ - uint32 *rids; - } in; - - struct { - /**the number of names returned - if this is 0, the map is NULL*/ - uint32 num_names; - - /**array contiaing the Names and RIDs*/ - CacLookupRidsRecord *map; - } out; -}; - -/** - * Returns a list of names which map to a list of RIDs. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetNamesFromRids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetNamesFromRids *op); - -struct SamGetRidsFromNames { - struct { - /**An open handle to the domain SAM from cac_SamOpenDomain()*/ - POLICY_HND *dom_hnd; - - /**Number of names to resolve*/ - uint32 num_names; - - /**Array of names to resolve*/ - char **names; - } in; - - struct { - /**the number of names returned - if this is 0, then map is NULL*/ - uint32 num_rids; - - /**array contiaing the Names and RIDs*/ - CacLookupRidsRecord *map; - } out; -}; - -/** - * Returns a list of RIDs which map to a list of names. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetRidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetRidsFromNames *op); - -struct SamGetGroupsForUser { - struct { - /**An open handle to the user*/ - POLICY_HND *user_hnd; - } in; - - struct { - /**The number of groups the user is a member of*/ - uint32 num_groups; - - /**The RIDs of the groups*/ - uint32 *rids; - - /**The attributes of the groups*/ - uint32 *attributes; - } out; -}; -/** - * Retrieves a list of groups that a user is a member of. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetGroupsForUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupsForUser *op); - -struct SamOpenGroup { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**Desired access to open the group with. See Generic access masks in include/smb.h*/ - uint32 access; - - /**rid of the group*/ - uint32 rid; - } in; - - struct { - /**Handle to the group*/ - POLICY_HND *group_hnd; - } out; -}; - -/** - * Opens a domain group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenGroup *op); - -struct SamCreateGroup { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**Desired access to open the group with. See Generic access masks in include/smb.h*/ - uint32 access; - - /**The name of the group*/ - char *name; - } in; - - struct { - /**Handle to the group*/ - POLICY_HND *group_hnd; - } out; -}; - -/** - * Creates a group. If the group already exists it will not be opened. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamCreateGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateGroup *op); - -/** - * Deletes a domain group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param group_hnd Open handle to the group. - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDeleteGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); - -struct SamGetGroupMembers { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - } in; - - struct { - /**The number of members in the group*/ - uint32 num_members; - - /**An array storing the RIDs of the users*/ - uint32 *rids; - - /**The attributes*/ - uint32 *attributes; - } out; -}; - -/** - * Retrives a list of users in a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupMembers *op); - -struct SamAddGroupMember { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**RID of new member*/ - uint32 rid; - } in; -}; - -/** - * Adds a user to a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamAddGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddGroupMember *op); - -struct SamRemoveGroupMember { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**RID of member to remove*/ - uint32 rid; - } in; -}; - -/** - * Removes a user from a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamRemoveGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveGroupMember *op); - -/** - * Removes all the members of a group - warning: if this function fails is is possible that some but not all members were removed - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param group_hnd Open handle to the group to clear - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamClearGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); - -struct SamSetGroupMembers { - struct { - /**Open handle to the group*/ - POLICY_HND *group_hnd; - - /**Number of members in the group - if this is 0, all members of the group will be removed*/ - uint32 num_members; - - /**The RIDs of the users to add*/ - uint32 *rids; - } in; -}; - -/** - * Clears the members of a group and adds a list of members to the group - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupMembers *op); - -struct SamEnumGroups { - struct { - /**Open handle to a domain*/ - POLICY_HND *dom_hnd; - } in; - - struct { - /**Where to resume from _do not_ modify this value. Used over multiple calls.*/ - uint32 resume_idx; - - /**the number of users returned this call*/ - uint32 num_groups; - - /**Array storing the rids of the returned groups*/ - uint32 *rids; - - /**Array storing the names of all the groups returned*/ - char **names; - - /**Array storing the descriptions of all the groups returned*/ - char **descriptions; - - bool done; - } out; -}; - -/** - * Enumerates domain groups. Can be used as a loop condition. Example: while(cac_SamEnumGroups(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnumGroups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumGroups *op); - -struct SamEnumAliases { - struct { - /**Open handle to a domain*/ - POLICY_HND *dom_hnd; - } in; - - struct { - /**where to resume from. Used over multiple calls*/ - uint32 resume_idx; - - /**the number of users returned this call*/ - uint32 num_aliases; - - /**Array storing the rids of the returned groups*/ - uint32 *rids; - - /**Array storing the names of all the groups returned*/ - char **names; - - /**Array storing the descriptions of all the groups returned*/ - char **descriptions; - - bool done; - } out; -}; - -/** - * Enumerates domain aliases. Can be used as a loop condition. Example: while(cac_SamEnumAliases(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnumAliases(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumAliases *op); - -struct SamCreateAlias { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**The name of the alias*/ - char *name; - } in; - - struct { - /**Handle to the group*/ - POLICY_HND *alias_hnd; - } out; -}; - -/** - * Creates an alias. If the alias already exists it will not be opened. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamCreateAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateAlias *op); - -struct SamOpenAlias { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**Desired access to open the group with. See Generic access masks in include/smb.h*/ - uint32 access; - - /**rid of the alias*/ - uint32 rid; - } in; - - struct { - /**Handle to the alias*/ - POLICY_HND *alias_hnd; - } out; -}; - -/** - * Opens a handle to an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenAlias *op); - -/** - * Deletes an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param alias_hnd Open handle to the alias - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDeleteAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); - -struct SamAddAliasMember { - struct { - /**Open handle to a alias*/ - POLICY_HND *alias_hnd; - - /**SID of new member*/ - DOM_SID *sid; - } in; -}; - -/** - * Adds an account to an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamAddAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddAliasMember *op); - -struct SamRemoveAliasMember { - struct { - /**Open handle to the alias*/ - POLICY_HND *alias_hnd; - - /**The SID of the member*/ - DOM_SID *sid; - } in; -}; - -/** - * Removes an account from an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveAliasMember *op); - -struct SamGetAliasMembers { - struct { - /**Open handle to the alias*/ - POLICY_HND *alias_hnd; - } in; - - struct { - /**The number of members*/ - uint32 num_members; - - /**An array storing the SIDs of the accounts*/ - DOM_SID *sids; - } out; -}; - -/** - * Retrieves a list of all accounts in an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op); - -/** - * Removes all the members of an alias - warning: if this function fails is is possible that some but not all members were removed - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param alias_hnd Handle to the alias to clear - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); - -struct SamSetAliasMembers { - struct { - /**Open handle to the group*/ - POLICY_HND *alias_hnd; - - /**Number of members in the group - if this is 0, all members of the group will be removed*/ - uint32 num_members; - - /**The SIDs of the accounts to add*/ - DOM_SID *sids; - } in; -}; - -/** - * Clears the members of an alias and adds a list of members to the alias - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op); - - -struct SamUserChangePasswd { - struct { - /**The username*/ - char *username; - - /**The current password*/ - char *password; - - /**The new password*/ - char *new_password; - } in; -}; -/**Used by a user to change their password*/ -int cac_SamUserChangePasswd(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamUserChangePasswd *op); - -/** - * Enables a user - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param user_hnd Open handle to the user to enable - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); - -/** - * Disables a user - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param user_hnd Open handle to the user to disables - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDisableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); - -struct SamSetPassword { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**The new password*/ - char *password; - } in; -}; - -/** - * Sets a user's password - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamSetPassword(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetPassword *op); - -struct SamGetUserInfo { - struct { - /**Open Handle to a user*/ - POLICY_HND *user_hnd; - } in; - - struct { - CacUserInfo *info; - } out; -}; - -/** - * Retrieves user information using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly, use cac_SamGetUserInfoCtr() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamGetUserInfoCtr() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfo *op); - -struct SamSetUserInfo { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**Structure containing the data you would like to set*/ - CacUserInfo *info; - } in; -}; - -/** - * Sets the user info using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly use cac_SamSetUserInfoCtr(). - * @note All fields in the CacUserInfo structure will be set. Best to call cac_GetUserInfo() modify fields that you want, and then call cac_SetUserInfo(). - * @note When calling this, you _must_ set the user's password. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamSetUserInfoCtr() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfo *op); - -struct SamGetUserInfoCtr { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**What USER_INFO structure you want. See include/rpc_samr.h*/ - uint16 info_class; - } in; - - struct { - /**returned user info*/ - SAM_USERINFO_CTR *ctr; - } out; -}; - -/** - * Retrieves user information using a SAM_USERINFO_CTR structure. If you don't want to use this structure, user SamGetUserInfo() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamGetUserInfo() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfoCtr *op); - -struct SamSetUserInfoCtr { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**user info - make sure ctr->switch_value is set properly*/ - SAM_USERINFO_CTR *ctr; - } in; -}; - -/** - * Sets the user info using a SAM_USERINFO_CTR structure. If you don't want to use this structure, use cac_SamSetUserInfo() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamSetUserInfo() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamSetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfoCtr *op); - -struct SamRenameUser { - struct { - /**Open handle to user*/ - POLICY_HND *user_hnd; - - /**New user name*/ - char *new_name; - } in; -}; - -/** - * Changes the name of a user. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamRenameUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameUser *op); - -struct SamGetGroupInfo { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - } in; - - struct { - /**Returned info about the group*/ - CacGroupInfo *info; - } out; -}; - -/** - * Retrieves information about a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupInfo *op); - -struct SamSetGroupInfo { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**group info*/ - CacGroupInfo *info; - } in; -}; - -/** - * Sets information about a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupInfo *op); - -struct SamRenameGroup { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**New name*/ - char *new_name; - } in; -}; - -/** - * Changes the name of a group - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamRenameGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameGroup *op); - -struct SamGetAliasInfo { - struct { - /**Open handle to an alias*/ - POLICY_HND *alias_hnd; - } in; - - struct { - /**Returned alias info*/ - CacAliasInfo *info; - } out; -}; - -/** - * Retrieves information about an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasInfo *op); - -struct SamSetAliasInfo { - struct { - /**Open handle to an alias*/ - POLICY_HND *alias_hnd; - - /**Returned alias info*/ - CacAliasInfo *info; - } in; -}; - -/** - * Sets information about an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasInfo *op); - -struct SamGetDomainInfo { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - } in; - - struct { - /**Returned domain info*/ - CacDomainInfo *info; - } out; -}; - -/** - * Gets domain information in the form of a CacDomainInfo structure. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see SamGetDomainInfoCtr() - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - * @return CAC_PARTIAL_SUCCESS - This function makes 3 rpc calls, if one or two fail and the rest succeed, - * not all fields in the CacDomainInfo structure will be filled - */ -int cac_SamGetDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfo *op); - -struct SamGetDomainInfoCtr { - struct { - /**Open handle to domain*/ - POLICY_HND *dom_hnd; - - /**What info level you want*/ - uint16 info_class; - } in; - - struct { - SAM_UNK_CTR *info; - } out; -}; - -/** - * Gets domain information in the form of a SAM_UNK_CTR structure. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see SamGetDomainInfo() - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamGetDomainInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfoCtr *op); - -struct SamGetDisplayInfo { - struct { - /**Open handle to domain*/ - POLICY_HND *dom_hnd; - - /**What type of data*/ - uint16 info_class; - - /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ - uint32 max_entries; - - /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ - uint32 max_size; - } in; - - struct { - /**Do not modify this value, use the same value between multiple calls (ie in while loop)*/ - uint32 resume_idx; - - /**Number of entries returned*/ - uint32 num_entries; - - /**Returned display info*/ - SAM_DISPINFO_CTR ctr; - - /**Internal value. Do not modify.*/ - uint32 loop_count; - - bool done; - } out; -}; - -/** - * Gets dislpay information using a SAM_DISPINFO_CTR. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamGetDisplayInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDisplayInfo *op); - -struct SamLookupDomain { - struct { - /**Open handle to the sam (opened with cac_SamConnect() or cac_SamOpenDomain()*/ - POLICY_HND *sam; - - /**Name of the domain to lookup*/ - char *name; - } in; - - struct { - /**SID of the domain*/ - DOM_SID *sid; - } out; -}; - -/** - * Looks up a Domain SID given it's name. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamLookupDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamLookupDomain *op); - -struct SamGetSecurityObject { - struct { - /**An open handle (SAM, domain or user)*/ - POLICY_HND *pol; - } in; - - struct { - SEC_DESC_BUF *sec; - } out; -}; - -/** - * Retrievies Security descriptor information for a SAM/Domain/user - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetSecurityObject *op); - -struct SamFlush { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**(Optional)Domain SID. If NULL, the domain in hnd->domain will be opened*/ - DOM_SID *sid; - - /**(Optional)Desired access to re-open the domain with. If 0, MAXIMUM_ALLOWED_ACCESS is used.*/ - uint32 access; - } in; -}; - -/** - * Closes the domain handle, then re-opens it - effectively flushing any changes made. - * WARNING: if this fails you will no longer have an open handle to the domain SAM. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamFlush(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamFlush *op); - -/**@}*/ /*SAM_Functions*/ - -/**@addtogroup SCM_Functions - * @{ - */ - -struct SvcOpenScm { - struct { - /**Desired access to open the Handle with. See SC_RIGHT_MGR_* or SC_MANAGER_* in include/rpc_secdes.h*/ - uint32 access; - } in; - - struct { - /**Handle to the SCM*/ - POLICY_HND *scm_hnd; - } out; -}; - -/** - * Opens a handle to the SCM on the remote machine. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcOpenScm(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenScm *op); - -/** - * Closes an Svc handle (SCM or Service) - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param scm_hnd The handle to close - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *scm_hnd); - -struct SvcEnumServices { - struct { - /**Open handle to the SCM*/ - POLICY_HND *scm_hnd; - - /**(Optional)Type of service to enumerate. Possible values: - * - SVCCTL_TYPE_WIN32 - * - SVCCTL_TYPE_DRIVER - * If this is 0, (SVCCTL_TYPE_DRIVER | SVCCTL_TYPE_WIN32) is assumed. - */ - uint32 type; - - /**(Optional)State of service to enumerate. Possible values: - * - SVCCTL_STATE_ACTIVE - * - SVCCTL_STATE_INACTIVE - * - SVCCTL_STATE_ALL - * If this is 0, SVCCTL_STATE_ALL is assumed. - */ - uint32 state; - } in; - - struct { - /**Number of services returned*/ - uint32 num_services; - - /**Array of service structures*/ - CacService *services; - } out; -}; - -/** - * Enumerates services on the remote machine. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcEnumServices(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcEnumServices *op); - -struct SvcOpenService { - struct { - /**Handle to the Service Control Manager*/ - POLICY_HND *scm_hnd; - - /**Access mask to open service with see SERVICE_* or SC_RIGHT_SVC_* in include/rpc_secdes.h*/ - uint32 access; - - /**The name of the service. _not_ the display name*/ - char *name; - } in; - - struct { - /**Handle to the open service*/ - POLICY_HND *svc_hnd; - } out; -}; - -/** - * Opens a handle to a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ - -int cac_SvcOpenService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenService *op); - -struct SvcGetStatus { - struct { - /**Open handle to the service to query*/ - POLICY_HND *svc_hnd; - } in; - - struct { - /**The status of the service. See include/rpc_svcctl.h for SERVICE_STATUS definition.*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Retrieves the status of a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcGetStatus(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetStatus *op); - -struct SvcStartService { - struct { - /**open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Array of parameters to start the service with. Can be NULL if num_parms is 0*/ - char **parms; - - /**Number of parameters in the parms array*/ - uint32 num_parms; - - /**Number of seconds to wait for the service to actually start. If this is 0, then the status will not be checked after the initial call*/ - uint32 timeout; - } in; -}; - -/** - * Attempts to start a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ - -int cac_SvcStartService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStartService *op); - -struct SvcControlService { - struct { - /**Open handle to the service to control*/ - POLICY_HND *svc_hnd; - - /**The control operation to perform. Possible values (from include/rpc_svcctl.h): - * - SVCCTL_CONTROL_STOP - * - SVCCTL_CONTROL_PAUSE - * - SVCCTL_CONTROL_CONTINUE - * - SVCCTL_CONTROL_SHUTDOWN - */ - uint32 control; - } in; - - struct { - /**The returned status of the service, _immediately_ after the call*/ - SERVICE_STATUS *status; - } out; -}; - -/** - * Performs a control operation on a service and _immediately_ returns. - * @see cac_SvcStopService() - * @see cac_SvcPauseService() - * @see cac_SvcContinueService() - * @see cac_SvcShutdownService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcControlService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcControlService *op); - -struct SvcStopService { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Number of seconds to wait for the service to actually start. - * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started - */ - uint32 timeout; - } in; - - struct { - /**Status of the service after the operation*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Attempts to stop a service. - * @see cacSvcControlService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcStopService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStopService *op); - -struct SvcPauseService { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Number of seconds to wait for the service to actually start. - * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started - */ - uint32 timeout; - } in; - - struct { - /**Status of the service after the operation*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Attempts to pause a service. - * @see cacSvcControlService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcPauseService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcPauseService *op); - -struct SvcContinueService { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Number of seconds to wait for the service to actually start. - * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started - */ - uint32 timeout; - } in; - - struct { - /**Status of the service after the operation*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Attempts to continue a paused service. - * @see cacSvcControlService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcContinueService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcContinueService *op); - -struct SvcGetDisplayName { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - } in; - - struct { - /**The returned display name of the service*/ - char *display_name; - } out; -}; - -/** - * Retrieves the display name of a service _not currently working_ - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcGetDisplayName(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetDisplayName *op); - -struct SvcGetServiceConfig { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - } in; - - struct { - /**Returned Configuration information*/ - CacServiceConfig config; - } out; -}; - -/** - * Retrieves configuration information about a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcGetServiceConfig(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetServiceConfig *op); - -/**@}*/ /*SCM_Functions*/ - -struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx); - -#endif /* LIBMSRPC_H */ - - diff --git a/source3/include/libmsrpc_internal.h b/source3/include/libmsrpc_internal.h deleted file mode 100644 index 623c43f9c3..0000000000 --- a/source3/include/libmsrpc_internal.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * MS-RPC client internal definitions - * Copyright (C) Chris Nicholls 2005. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef LIBMSRPC_INTERNAL_H -#define LIBMSRPC_INTERNAL_H - -#include "libmsrpc.h" - -/*definitions*/ - -struct CacServerHandleInternal { - /*stores the os type of the server*/ - uint16 srv_level; - - /*stores the initialized/active pipes*/ - bool pipes[PI_MAX_PIPES]; - - /*underlying smbc context*/ - SMBCCTX *ctx; - - /*did the user supply this SMBCCTX?*/ - bool user_supplied_ctx; -}; - -/*used to get a struct rpc_pipe_client* to be passed into rpccli* calls*/ - -/*nessecary prototypes*/ -bool rid_in_list(uint32 rid, uint32 *list, uint32 list_len); - -int cac_ParseRegPath(char *path, uint32 *reg_type, char **key_name); - -REG_VALUE_DATA *cac_MakeRegValueData(TALLOC_CTX *mem_ctx, uint32 data_type, REGVAL_BUFFER buf); - -RPC_DATA_BLOB *cac_MakeRpcDataBlob(TALLOC_CTX *mem_ctx, uint32 data_type, REG_VALUE_DATA data); - -SAM_USERINFO_CTR *cac_MakeUserInfoCtr(TALLOC_CTX *mem_ctx, CacUserInfo *info); - -CacUserInfo *cac_MakeUserInfo(TALLOC_CTX *mem_ctx, SAM_USERINFO_CTR *ctr); -CacGroupInfo *cac_MakeGroupInfo(TALLOC_CTX *mem_ctx, GROUP_INFO_CTR *ctr); -GROUP_INFO_CTR *cac_MakeGroupInfoCtr(TALLOC_CTX *mem_ctx, CacGroupInfo *info); -CacAliasInfo *cac_MakeAliasInfo(TALLOC_CTX *mem_ctx, ALIAS_INFO_CTR ctr); -ALIAS_INFO_CTR *cac_MakeAliasInfoCtr(TALLOC_CTX *mem_ctx, CacAliasInfo *info); -CacDomainInfo *cac_MakeDomainInfo(TALLOC_CTX *mem_ctx, SAM_UNK_INFO_1 *info1, SAM_UNK_INFO_2 *info2, SAM_UNK_INFO_12 *info12); -CacService *cac_MakeServiceArray(TALLOC_CTX *mem_ctx, ENUM_SERVICES_STATUS *svc, uint32 num_services); -int cac_InitCacServiceConfig(TALLOC_CTX *mem_ctx, SERVICE_CONFIG *src, CacServiceConfig *dest); - -/*moved to libmsrpc.h*/ -/*struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx);*/ - -SMBCSRV *smbc_attr_server(SMBCCTX *context, - const char *server, const char *share, - fstring workgroup, - fstring username, fstring password, - POLICY_HND *pol); - - -#endif /* LIBMSRPC_INTERNAL_H */ diff --git a/source3/include/md5.h b/source3/include/md5.h deleted file mode 100644 index e4cd08ed5e..0000000000 --- a/source3/include/md5.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef MD5_H -#define MD5_H -#ifndef HEADER_MD5_H -/* Try to avoid clashes with OpenSSL */ -#define HEADER_MD5_H -#endif - -struct MD5Context { - uint32 buf[4]; - uint32 bits[2]; - unsigned char in[64]; -}; - -void MD5Init(struct MD5Context *context); -void MD5Update(struct MD5Context *context, unsigned char const *buf, - unsigned len); -void MD5Final(unsigned char digest[16], struct MD5Context *context); - -#endif /* !MD5_H */ diff --git a/source3/include/nameserv.h b/source3/include/nameserv.h index 4377e3330a..a7d46e72d8 100644 --- a/source3/include/nameserv.h +++ b/source3/include/nameserv.h @@ -539,17 +539,6 @@ struct packet_struct } packet; }; -/* NETLOGON opcodes */ - -#define QUERYFORPDC 7 /* Query for PDC. */ -#define SAM_UAS_CHANGE 10 /* Announce change to UAS or SAM. */ -#define QUERYFORPDC_R 12 /* Response to Query for PDC. */ -#define SAMLOGON 18 -#define SAMLOGON_R 19 -#define SAMLOGON_UNK_R 21 -#define SAMLOGON_AD_UNK_R 23 -#define SAMLOGON_AD_R 25 - /* Ids for netbios packet types. */ #define ANN_HostAnnouncement 1 diff --git a/source3/include/printing.h b/source3/include/printing.h index 2788143cc5..d91917b528 100644 --- a/source3/include/printing.h +++ b/source3/include/printing.h @@ -77,6 +77,7 @@ extern struct printif iprint_printif; #define NEXT_JOBID(j) ((j+1) % PRINT_MAX_JOBID > 0 ? (j+1) % PRINT_MAX_JOBID : 1) #define MAX_CACHE_VALID_TIME 3600 +#define CUPS_DEFAULT_CONNECTION_TIMEOUT 30 #ifndef PRINT_SPOOL_PREFIX #define PRINT_SPOOL_PREFIX "smbprn." diff --git a/source3/include/proto.h b/source3/include/proto.h index 2901911c70..fc497b6966 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -43,7 +43,10 @@ bool password_ok(const char *smb_name, DATA_BLOB password_blob); /* The following definitions come from auth/auth_domain.c */ -NTSTATUS auth_domain_init(void) ; +void attempt_machine_password_change(void); +NTSTATUS auth_domain_init(void); + +NTSTATUS auth_netlogond_init(void); /* The following definitions come from auth/auth_ntlmssp.c */ @@ -437,10 +440,6 @@ int connections_forall(int (*fn)(struct db_record *rec, void *private_data); bool connections_init(bool rw); -/* The following definitions come from lib/crc32.c */ - -uint32 crc32_calc_buffer(const char *buf, size_t size); - /* The following definitions come from lib/data_blob.c */ DATA_BLOB data_blob(const void *p, size_t length); @@ -498,7 +497,7 @@ TALLOC_CTX *debug_ctx(void); /* The following definitions come from lib/display_sec.c */ char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type); -void display_sec_access(SEC_ACCESS *info); +void display_sec_access(uint32_t *info); void display_sec_ace_flags(uint8_t flags); void display_sec_ace(SEC_ACE *ace); void display_sec_acl(SEC_ACL *sec_acl); @@ -516,6 +515,7 @@ void display_set_stderr(void); /* The following definitions come from lib/errmap_unix.c */ NTSTATUS map_nt_error_from_unix(int unix_error); +int map_errno_from_nt_status(NTSTATUS status); /* The following definitions come from lib/events.c */ @@ -596,16 +596,6 @@ void set_need_random_reseed(void); void generate_random_buffer( unsigned char *out, int len); char *generate_random_str(size_t len); -/* The following definitions come from lib/hmacmd5.c */ - -void hmac_md5_init_rfc2104(const unsigned char *key, int key_len, HMACMD5Context *ctx); -void hmac_md5_init_limK_to_64(const unsigned char* key, int key_len, - HMACMD5Context *ctx); -void hmac_md5_update(const unsigned char *text, int text_len, HMACMD5Context *ctx); -void hmac_md5_final(unsigned char *digest, HMACMD5Context *ctx); -void hmac_md5( unsigned char key[16], const unsigned char *data, int data_len, - unsigned char *digest); - /* The following definitions come from lib/iconv.c */ NTSTATUS smb_register_charset(struct charset_functions *funcs) ; @@ -649,12 +639,6 @@ char *escape_rdn_val_string_alloc(const char *s); void mdfour(unsigned char *out, const unsigned char *in, int n); -/* The following definitions come from lib/md5.c */ - -void MD5Init(struct MD5Context *ctx); -void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len); -void MD5Final(unsigned char digest[16], struct MD5Context *ctx); - /* The following definitions come from lib/module.c */ NTSTATUS smb_load_module(const char *module_name); @@ -727,6 +711,7 @@ bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset ) /* The following definitions come from lib/readline.c */ +void smb_readline_done(void); char *smb_readline(const char *prompt, void (*callback)(void), char **(completion_fn)(const char *text, int start, int end)); const char *smb_readline_get_line_buffer(void); @@ -791,7 +776,6 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask); NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size); SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, bool child_container); -void init_sec_access(uint32 *t, uint32 mask); /* The following definitions come from lib/select.c */ @@ -1446,6 +1430,7 @@ WERROR registry_push_value(TALLOC_CTX *mem_ctx, /* The following definitions come from lib/util_seaccess.c */ void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping); +void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping); void se_map_standard(uint32 *access_mask, struct standard_mapping *mapping); bool se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token, uint32 acc_desired, uint32 *acc_granted, @@ -1927,20 +1912,15 @@ NTSTATUS kerberos_return_info3_from_pac(TALLOC_CTX *mem_ctx, struct netr_SamInfo3 **info3); /* The following definitions come from libads/cldap.c */ - bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, const char *server, const char *realm, - uint32_t *nt_version, - union nbt_cldap_netlogon **reply); + uint32_t nt_version, + struct netlogon_samlogon_response **reply); bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx, const char *server, const char *realm, - struct nbt_cldap_netlogon_5 *reply5); -bool pull_mailslot_cldap_reply(TALLOC_CTX *mem_ctx, - const DATA_BLOB *blob, - union nbt_cldap_netlogon *r, - uint32_t *nt_version); + struct NETLOGON_SAM_LOGON_RESPONSE_EX *reply5); /* The following definitions come from libads/disp_sec.c */ @@ -2204,23 +2184,6 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, char **returned_principal); -/* The following definitions come from libcli/nbt/nbtname.c */ - -_PUBLIC_ void ndr_print_nbt_string(struct ndr_print *ndr, const char *name, const char *s); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_string(struct ndr_pull *ndr, int ndr_flags, const char **s); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_string(struct ndr_push *ndr, int ndr_flags, const char *s); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_name(struct ndr_pull *ndr, int ndr_flags, struct nbt_name *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r); -_PUBLIC_ NTSTATUS nbt_name_dup(TALLOC_CTX *mem_ctx, struct nbt_name *name, struct nbt_name *newname); -_PUBLIC_ NTSTATUS nbt_name_to_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct nbt_name *name); -_PUBLIC_ NTSTATUS nbt_name_from_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, struct nbt_name *name); -_PUBLIC_ void nbt_choose_called_name(TALLOC_CTX *mem_ctx, - struct nbt_name *n, const char *name, int type); -_PUBLIC_ char *nbt_name_string(TALLOC_CTX *mem_ctx, const struct nbt_name *name); -_PUBLIC_ enum ndr_err_code ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr_flags, const struct nbt_name **_r); -_PUBLIC_ enum ndr_err_code ndr_push_wrepl_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r); -_PUBLIC_ void ndr_print_wrepl_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name *r); - /* The following definitions come from libgpo/gpext/gpext.c */ struct gp_extension *get_gp_extension_list(void); @@ -2871,93 +2834,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_RejectReason(struct ndr_push *ndr, int _PUBLIC_ enum ndr_err_code ndr_pull_samr_RejectReason(struct ndr_pull *ndr, int ndr_flags, enum samr_RejectReason *r); _PUBLIC_ void ndr_print_samr_RejectReason(struct ndr_print *ndr, const char *name, enum samr_RejectReason r); -/* The following definitions come from librpc/gen_ndr/ndr_nbt.c */ - -_PUBLIC_ void ndr_print_nbt_operation(struct ndr_print *ndr, const char *name, uint16_t r); -_PUBLIC_ void ndr_print_nbt_name_type(struct ndr_print *ndr, const char *name, enum nbt_name_type r); -_PUBLIC_ void ndr_print_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name *r); -_PUBLIC_ void ndr_print_nbt_qclass(struct ndr_print *ndr, const char *name, enum nbt_qclass r); -_PUBLIC_ void ndr_print_nbt_qtype(struct ndr_print *ndr, const char *name, enum nbt_qtype r); -_PUBLIC_ void ndr_print_nbt_name_question(struct ndr_print *ndr, const char *name, const struct nbt_name_question *r); -_PUBLIC_ void ndr_print_nb_flags(struct ndr_print *ndr, const char *name, uint16_t r); -_PUBLIC_ void ndr_print_nbt_rdata_address(struct ndr_print *ndr, const char *name, const struct nbt_rdata_address *r); -_PUBLIC_ void ndr_print_nbt_rdata_netbios(struct ndr_print *ndr, const char *name, const struct nbt_rdata_netbios *r); -_PUBLIC_ void ndr_print_nbt_statistics(struct ndr_print *ndr, const char *name, const struct nbt_statistics *r); -_PUBLIC_ void ndr_print_nbt_status_name(struct ndr_print *ndr, const char *name, const struct nbt_status_name *r); -_PUBLIC_ void ndr_print_nbt_rdata_status(struct ndr_print *ndr, const char *name, const struct nbt_rdata_status *r); -_PUBLIC_ void ndr_print_nbt_rdata_data(struct ndr_print *ndr, const char *name, const struct nbt_rdata_data *r); -_PUBLIC_ void ndr_print_nbt_rdata(struct ndr_print *ndr, const char *name, const union nbt_rdata *r); -_PUBLIC_ void ndr_print_nbt_res_rec(struct ndr_print *ndr, const char *name, const struct nbt_res_rec *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_name_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_name_packet *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_name_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_name_packet *r); -_PUBLIC_ void ndr_print_nbt_name_packet(struct ndr_print *ndr, const char *name, const struct nbt_name_packet *r); -_PUBLIC_ void ndr_print_dgram_msg_type(struct ndr_print *ndr, const char *name, enum dgram_msg_type r); -_PUBLIC_ void ndr_print_dgram_flags(struct ndr_print *ndr, const char *name, uint8_t r); -_PUBLIC_ void ndr_print_smb_command(struct ndr_print *ndr, const char *name, enum smb_command r); -_PUBLIC_ void ndr_print_smb_trans_body(struct ndr_print *ndr, const char *name, const struct smb_trans_body *r); -_PUBLIC_ void ndr_print_smb_body(struct ndr_print *ndr, const char *name, const union smb_body *r); -_PUBLIC_ enum ndr_err_code ndr_push_dgram_smb_packet(struct ndr_push *ndr, int ndr_flags, const struct dgram_smb_packet *r); -_PUBLIC_ enum ndr_err_code ndr_pull_dgram_smb_packet(struct ndr_pull *ndr, int ndr_flags, struct dgram_smb_packet *r); -_PUBLIC_ void ndr_print_dgram_smb_packet(struct ndr_print *ndr, const char *name, const struct dgram_smb_packet *r); -_PUBLIC_ void ndr_print_dgram_message_body(struct ndr_print *ndr, const char *name, const union dgram_message_body *r); -_PUBLIC_ void ndr_print_dgram_message(struct ndr_print *ndr, const char *name, const struct dgram_message *r); -_PUBLIC_ void ndr_print_dgram_err_code(struct ndr_print *ndr, const char *name, enum dgram_err_code r); -_PUBLIC_ void ndr_print_dgram_data(struct ndr_print *ndr, const char *name, const union dgram_data *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_dgram_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_dgram_packet *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_dgram_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_dgram_packet *r); -_PUBLIC_ void ndr_print_nbt_dgram_packet(struct ndr_print *ndr, const char *name, const struct nbt_dgram_packet *r); -_PUBLIC_ void ndr_print_nbt_netlogon_command(struct ndr_print *ndr, const char *name, enum nbt_netlogon_command r); -_PUBLIC_ void ndr_print_nbt_netlogon_version(struct ndr_print *ndr, const char *name, uint32_t r); -_PUBLIC_ void ndr_print_nbt_netlogon_query_for_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc *r); -_PUBLIC_ void ndr_print_nbt_netlogon_query_for_pdc2(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc2 *r); -_PUBLIC_ void ndr_print_nbt_netlogon_response_from_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc *r); -_PUBLIC_ void ndr_print_nbt_server_type(struct ndr_print *ndr, const char *name, uint32_t r); -_PUBLIC_ void ndr_print_nbt_dc_sock_addr(struct ndr_print *ndr, const char *name, const struct nbt_dc_sock_addr *r); -_PUBLIC_ void ndr_print_nbt_netlogon_response_from_pdc2(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc2 *r); -_PUBLIC_ void ndr_print_nbt_db_change(struct ndr_print *ndr, const char *name, const struct nbt_db_change *r); -_PUBLIC_ void ndr_print_nbt_netlogon_announce_uas(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_announce_uas *r); -_PUBLIC_ void ndr_print_nbt_netlogon_request(struct ndr_print *ndr, const char *name, const union nbt_netlogon_request *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_netlogon_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_packet *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_netlogon_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_packet *r); -_PUBLIC_ void ndr_print_nbt_netlogon_packet(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_packet *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_1(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_1 *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_3(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_3 *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon_5(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_5 *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon_5(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_5 *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_5(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_5 *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_13(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_13 *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon_15(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_15 *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon_15(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_15 *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_15(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_15 *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon_29(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_29 *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon_29(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_29 *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_29(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_29 *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon(struct ndr_push *ndr, int ndr_flags, const union nbt_cldap_netlogon *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon(struct ndr_pull *ndr, int ndr_flags, union nbt_cldap_netlogon *r); -_PUBLIC_ void ndr_print_nbt_cldap_netlogon(struct ndr_print *ndr, const char *name, const union nbt_cldap_netlogon *r); -_PUBLIC_ void ndr_print_nbt_ntlogon_command(struct ndr_print *ndr, const char *name, enum nbt_ntlogon_command r); -_PUBLIC_ void ndr_print_nbt_ntlogon_sam_logon(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_sam_logon *r); -_PUBLIC_ void ndr_print_nbt_ntlogon_sam_logon_reply(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_sam_logon_reply *r); -_PUBLIC_ void ndr_print_nbt_ntlogon_request(struct ndr_print *ndr, const char *name, const union nbt_ntlogon_request *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_ntlogon_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_ntlogon_packet *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_ntlogon_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_ntlogon_packet *r); -_PUBLIC_ void ndr_print_nbt_ntlogon_packet(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_packet *r); -_PUBLIC_ void ndr_print_nbt_browse_opcode(struct ndr_print *ndr, const char *name, enum nbt_browse_opcode r); -_PUBLIC_ void ndr_print_nbt_browse_host_announcement(struct ndr_print *ndr, const char *name, const struct nbt_browse_host_announcement *r); -_PUBLIC_ void ndr_print_nbt_browse_announcement_request(struct ndr_print *ndr, const char *name, const struct nbt_browse_announcement_request *r); -_PUBLIC_ void ndr_print_nbt_browse_election_request(struct ndr_print *ndr, const char *name, const struct nbt_browse_election_request *r); -_PUBLIC_ void ndr_print_nbt_browse_backup_list_request(struct ndr_print *ndr, const char *name, const struct nbt_browse_backup_list_request *r); -_PUBLIC_ void ndr_print_nbt_browse_backup_list_response(struct ndr_print *ndr, const char *name, const struct nbt_browse_backup_list_response *r); -_PUBLIC_ void ndr_print_nbt_browse_become_backup(struct ndr_print *ndr, const char *name, const struct nbt_browse_become_backup *r); -_PUBLIC_ void ndr_print_nbt_browse_domain_announcement(struct ndr_print *ndr, const char *name, const struct nbt_browse_domain_announcement *r); -_PUBLIC_ void ndr_print_nbt_browse_master_announcement(struct ndr_print *ndr, const char *name, const struct nbt_browse_master_announcement *r); -_PUBLIC_ void ndr_print_nbt_browse_reset_state(struct ndr_print *ndr, const char *name, const struct nbt_browse_reset_state *r); -_PUBLIC_ void ndr_print_nbt_browse_local_master_announcement(struct ndr_print *ndr, const char *name, const struct nbt_browse_local_master_announcement *r); -_PUBLIC_ void ndr_print_nbt_browse_payload(struct ndr_print *ndr, const char *name, const union nbt_browse_payload *r); -_PUBLIC_ enum ndr_err_code ndr_push_nbt_browse_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_browse_packet *r); -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_browse_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_browse_packet *r); -_PUBLIC_ void ndr_print_nbt_browse_packet(struct ndr_print *ndr, const char *name, const struct nbt_browse_packet *r); - /* The following definitions come from librpc/gen_ndr/ndr_netlogon.c */ _PUBLIC_ void ndr_print_netr_UasInfo(struct ndr_print *ndr, const char *name, const struct netr_UasInfo *r); @@ -3898,7 +3774,7 @@ NTSTATUS rpc_wkssvc_init(void); /* The following definitions come from librpc/ndr/ndr.c */ _PUBLIC_ size_t ndr_align_size(uint32_t offset, size_t n); -_PUBLIC_ struct ndr_pull *ndr_pull_init_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx); +_PUBLIC_ struct ndr_pull *ndr_pull_init_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience); _PUBLIC_ enum ndr_err_code ndr_pull_advance(struct ndr_pull *ndr, uint32_t size); _PUBLIC_ void ndr_pull_save(struct ndr_pull *ndr, struct ndr_pull_save *save); _PUBLIC_ void ndr_pull_restore(struct ndr_pull *ndr, struct ndr_pull_save *save); @@ -3960,16 +3836,15 @@ _PUBLIC_ enum ndr_err_code ndr_print_set_switch_value(struct ndr_print *ndr, con _PUBLIC_ uint32_t ndr_push_get_switch_value(struct ndr_push *ndr, const void *p); _PUBLIC_ uint32_t ndr_pull_get_switch_value(struct ndr_pull *ndr, const void *p); _PUBLIC_ uint32_t ndr_print_get_switch_value(struct ndr_print *ndr, const void *p); -_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, - ndr_pull_flags_fn_t fn); -_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, - ndr_pull_flags_fn_t fn); +_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, ndr_pull_flags_fn_t fn); +_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, + void *p, ndr_pull_flags_fn_t fn); _PUBLIC_ enum ndr_err_code ndr_pull_union_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, uint32_t level, ndr_pull_flags_fn_t fn); _PUBLIC_ enum ndr_err_code ndr_pull_union_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, uint32_t level, ndr_pull_flags_fn_t fn); -_PUBLIC_ enum ndr_err_code ndr_push_struct_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, const void *p, - ndr_push_flags_fn_t fn); +_PUBLIC_ enum ndr_err_code ndr_push_struct_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, const void *p, ndr_push_flags_fn_t fn); _PUBLIC_ enum ndr_err_code ndr_push_union_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, uint32_t level, ndr_push_flags_fn_t fn); _PUBLIC_ size_t ndr_size_struct(const void *p, int flags, ndr_push_flags_fn_t push); @@ -4313,7 +4188,7 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, const char *domain_name, uint32_t *nt_version, const char **dc_name, - union nbt_cldap_netlogon **reply); + struct netlogon_samlogon_response **reply); /* The following definitions come from libsmb/clientgen.c */ @@ -5954,6 +5829,7 @@ const char **lp_svcctl_list(void); char *lp_cups_options(int ); char *lp_cups_server(void); char *lp_iprint_server(void); +int lp_cups_connection_timeout(void); const char *lp_ctdbd_socket(void); const char **lp_cluster_addresses(void); bool lp_clustering(void); @@ -6119,7 +5995,7 @@ bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal); struct parm_struct *lp_get_parameter(const char *param_name); struct parm_struct *lp_next_parameter(int snum, int *i, int allparameters); bool lp_snum_ok(int iService); -void lp_add_one_printer(char *name, char *comment); +void lp_add_one_printer(const char *name, const char *comment, void *pdata); bool lp_loaded(void); void lp_killunused(bool (*snumused) (int)); void lp_kill_all_services(void); @@ -6548,6 +6424,8 @@ bool secrets_restore_schannel_session_info(TALLOC_CTX *mem_ctx, struct dcinfo **ppdc); bool secrets_store_generic(const char *owner, const char *key, const char *secret); char *secrets_fetch_generic(const char *owner, const char *key); +bool secrets_store_local_schannel_key(uint8_t schannel_key[16]); +bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]); /* The following definitions come from passdb/util_builtin.c */ @@ -6690,11 +6568,15 @@ char* get_server_name( Printer_entry *printer ); /* The following definitions come from printing/pcap.c */ +bool pcap_cache_add_specific(struct pcap_cache **ppcache, const char *name, const char *comment); +void pcap_cache_destroy_specific(struct pcap_cache **ppcache); bool pcap_cache_add(const char *name, const char *comment); bool pcap_cache_loaded(void); +void pcap_cache_replace(const struct pcap_cache *cache); void pcap_cache_reload(void); bool pcap_printername_ok(const char *printername); -void pcap_printer_fn(void (*fn)(char *, char *)); +void pcap_printer_fn_specific(const struct pcap_cache *, void (*fn)(const char *, const char *, void *), void *); +void pcap_printer_fn(void (*fn)(const char *, const char *, void *), void *); /* The following definitions come from printing/print_aix.c */ @@ -7049,6 +6931,12 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, DATA_BLOB lm_response, DATA_BLOB nt_response, struct netr_SamInfo3 **info3); +NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const unsigned char orig_trust_passwd_hash[16], + const char *new_trust_pwd_cleartext, + const unsigned char new_trust_passwd_hash[16], + uint32_t sec_channel_type); /* The following definitions come from rpc_client/cli_pipe.c */ @@ -7427,6 +7315,9 @@ void init_netr_PasswordInfo(struct netr_PasswordInfo *r, const char *workstation, struct samr_Password lmpassword, struct samr_Password ntpassword); +void init_netr_CryptPassword(const char *pwd, + unsigned char session_key[16], + struct netr_CryptPassword *pwd_buf); /* The following definitions come from rpc_client/init_samr.c */ @@ -9670,7 +9561,6 @@ NTSTATUS open_fake_file(connection_struct *conn, const char *fname, uint32 access_mask, files_struct **result); -void destroy_fake_file_handle(struct fake_file_handle **fh); NTSTATUS close_fake_file(files_struct *fsp); /* The following definitions come from smbd/file_access.c */ @@ -10036,14 +9926,17 @@ void reply_pipe_close(connection_struct *conn, struct smb_request *req); /* The following definitions come from smbd/posix_acls.c */ -NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd); +NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd); SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl); NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, SEC_DESC **ppdesc); NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name, uint32_t security_info, SEC_DESC **ppdesc); int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid); -NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); +NTSTATUS append_parent_acl(files_struct *fsp, + const SEC_DESC *pcsd, + SEC_DESC **pp_new_sd); +NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd); int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode ); int chmod_acl(connection_struct *conn, const char *name, mode_t mode); int inherit_access_posix_acl(connection_struct *conn, const char *inherit_from_dir, diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h index 83103b7386..71fba41fe9 100644 --- a/source3/include/rpc_secdes.h +++ b/source3/include/rpc_secdes.h @@ -70,9 +70,6 @@ PROTECTED_SACL_SECURITY_INFORMATION|\ PROTECTED_DACL_SECURITY_INFORMATION) -/* SEC_ACCESS */ -typedef uint32 SEC_ACCESS; - /* SEC_ACE */ typedef struct security_ace SEC_ACE; #define SEC_ACE_HEADER_SIZE (2 * sizeof(uint8) + sizeof(uint16) + sizeof(uint32)) diff --git a/source3/include/secrets.h b/source3/include/secrets.h index d9f457558b..3c8e2ccf81 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -45,6 +45,8 @@ #define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW" +#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY" + /* Authenticated user info is stored in secrets.tdb under these keys */ #define SECRETS_AUTH_USER "SECRETS/AUTH_USER" diff --git a/source3/include/smb.h b/source3/include/smb.h index c8c4f8c3cc..ef98b5e1b5 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -391,6 +391,7 @@ struct idle_event; struct share_mode_entry; struct uuid; struct named_mutex; +struct pcap_cache; struct vfs_fsp_data { struct vfs_fsp_data *next; diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 20e2a9a443..d2e0aa95ac 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -75,22 +75,6 @@ return ERROR_NT(NT_STATUS_INVALID_HANDLE); \ } while(0) -/* you must add the following extern declaration to files using this macro - * (do not add it to the macro as that causes nested extern declaration warnings) - * extern struct current_user current_user; - */ -#define CHECK_FSP(fsp,conn) do {\ - if (!(fsp) || !(conn)) \ - return ERROR_NT(NT_STATUS_INVALID_HANDLE); \ - else if (((conn) != (fsp)->conn) || current_user.vuid != (fsp)->vuid) \ - return ERROR_NT(NT_STATUS_INVALID_HANDLE); \ - else if ((fsp)->is_directory) \ - return ERROR_NT(NT_STATUS_INVALID_DEVICE_REQUEST); \ - else if ((fsp)->fh->fd == -1) \ - return ERROR_NT(NT_STATUS_ACCESS_DENIED); \ - (fsp)->num_smb_operations++;\ - } while(0) - #define CHECK_READ(fsp,inbuf) (((fsp)->fh->fd != -1) && ((fsp)->can_read || \ ((SVAL((inbuf),smb_flg2) & FLAGS2_READ_PERMIT_EXECUTE) && \ (fsp->access_mask & FILE_EXECUTE)))) diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 9b72f69328..a3d38f6a25 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -108,8 +108,9 @@ /* Leave at 22 - not yet released. Remove parameter fd from close_fn. - obnox */ /* Changed to version 23 - remove set_nt_acl call. This can only be done via an open handle. JRA. */ +/* Changed to version 24 - make security descriptor const in fset_nt_acl. JRA. */ -#define SMB_VFS_INTERFACE_VERSION 23 +#define SMB_VFS_INTERFACE_VERSION 24 /* to bug old modules which are trying to compile with the old functions */ @@ -365,7 +366,7 @@ struct vfs_ops { NTSTATUS (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, uint32 security_info_sent, - struct security_descriptor *psd); + const struct security_descriptor *psd); /* POSIX ACL operations. */ diff --git a/source3/lib/async_sock.c b/source3/lib/async_sock.c index 1a4c27ba20..ffba6de832 100644 --- a/source3/lib/async_sock.c +++ b/source3/lib/async_sock.c @@ -658,12 +658,13 @@ struct async_req *async_connect(TALLOC_CTX *mem_ctx, struct event_context *ev, state->fde = event_add_fd(ev, state, fd, EVENT_FD_READ | EVENT_FD_WRITE, - async_connect_callback, state); + async_connect_callback, result); if (state->fde == NULL) { sys_fcntl_long(fd, F_SETFL, p->old_sockflags); TALLOC_FREE(result); return NULL; } + result->private_data = state; state->param.param_connect.fd = fd; state->param.param_connect.address = address; diff --git a/source3/lib/crc32.c b/source3/lib/crc32.c deleted file mode 100644 index a4ae90c469..0000000000 --- a/source3/lib/crc32.c +++ /dev/null @@ -1,103 +0,0 @@ -/*- - * COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or - * code or tables extracted from it, as desired without restriction. - * - * First, the polynomial itself and its table of feedback terms. The - * polynomial is - * X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0 - * - * Note that we take it "backwards" and put the highest-order term in - * the lowest-order bit. The X^32 term is "implied"; the LSB is the - * X^31 term, etc. The X^0 term (usually shown as "+1") results in - * the MSB being 1 - * - * Note that the usual hardware shift register implementation, which - * is what we're using (we're merely optimizing it by doing eight-bit - * chunks at a time) shifts bits into the lowest-order term. In our - * implementation, that means shifting towards the right. Why do we - * do it this way? Because the calculated CRC must be transmitted in - * order from highest-order term to lowest-order term. UARTs transmit - * characters in order from LSB to MSB. By storing the CRC this way - * we hand it to the UART in the order low-byte to high-byte; the UART - * sends each low-bit to hight-bit; and the result is transmission bit - * by bit from highest- to lowest-order term without requiring any bit - * shuffling on our part. Reception works similarly - * - * The feedback terms table consists of 256, 32-bit entries. Notes - * - * The table can be generated at runtime if desired; code to do so - * is shown later. It might not be obvious, but the feedback - * terms simply represent the results of eight shift/xor opera - * tions for all combinations of data and CRC register values - * - * The values must be right-shifted by eight bits by the "updcrc - * logic; the shift must be unsigned (bring in zeroes). On some - * hardware you could probably optimize the shift in assembler by - * using byte-swap instructions - * polynomial $edb88320 - * - * - * CRC32 code derived from work by Gary S. Brown. - */ - -#include "includes.h" - -static const uint32 crc32_tab[] = { - 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, - 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, - 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2, - 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, - 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, - 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, - 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c, - 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, - 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, - 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, - 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106, - 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, - 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, - 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, - 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, - 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, - 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, - 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, - 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, - 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, - 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, - 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, - 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84, - 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, - 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, - 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, - 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e, - 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, - 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, - 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, - 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28, - 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, - 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, - 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, - 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, - 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, - 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, - 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, - 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, - 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, - 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, - 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, - 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d -}; - -uint32 crc32_calc_buffer(const char *buf, size_t size) -{ - const unsigned char *p; - uint32 crc; - - p = (const unsigned char *)buf; - crc = ~0U; - - while (size--) - crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8); - - return crc ^ ~0U; -} diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c index 1ae23bcf82..5075476e94 100644 --- a/source3/lib/ctdbd_conn.c +++ b/source3/lib/ctdbd_conn.c @@ -260,7 +260,7 @@ static struct messaging_rec *ctdb_pull_messaging_rec(TALLOC_CTX *mem_ctx, blob = data_blob_const(msg->data, msg->datalen); ndr_err = ndr_pull_struct_blob( - &blob, result, result, + &blob, result, NULL, result, (ndr_pull_flags_fn_t)ndr_pull_messaging_rec); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -636,7 +636,7 @@ NTSTATUS ctdbd_messaging_send(struct ctdbd_connection *conn, } ndr_err = ndr_push_struct_blob( - &blob, mem_ctx, msg, + &blob, mem_ctx, NULL, msg, (ndr_push_flags_fn_t)ndr_push_messaging_rec); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { diff --git a/source3/lib/dbwrap_ctdb.c b/source3/lib/dbwrap_ctdb.c index 63a5ce4de6..2818634b14 100644 --- a/source3/lib/dbwrap_ctdb.c +++ b/source3/lib/dbwrap_ctdb.c @@ -405,8 +405,9 @@ static struct db_record *db_ctdb_fetch_locked_transaction(struct db_ctdb_ctx *ct return result; } -static int db_ctdb_record_destructor(struct db_record *rec) +static int db_ctdb_record_destructor(struct db_record **recp) { + struct db_record *rec = talloc_get_type_abort(*recp, struct db_record); struct db_ctdb_transaction_handle *h = talloc_get_type_abort( rec->private_data, struct db_ctdb_transaction_handle); int ret = h->ctx->db->transaction_commit(h->ctx->db); @@ -424,7 +425,7 @@ static struct db_record *db_ctdb_fetch_locked_persistent(struct db_ctdb_ctx *ctx TDB_DATA key) { int res; - struct db_record *rec; + struct db_record *rec, **recp; res = db_ctdb_transaction_start(ctx->db); if (res == -1) { @@ -438,7 +439,14 @@ static struct db_record *db_ctdb_fetch_locked_persistent(struct db_ctdb_ctx *ctx } /* destroy this transaction when we release the lock */ - talloc_set_destructor((struct db_record *)talloc_new(rec), db_ctdb_record_destructor); + recp = talloc(rec, struct db_record *); + if (recp == NULL) { + ctx->db->transaction_cancel(ctx->db); + talloc_free(rec); + return NULL; + } + *recp = rec; + talloc_set_destructor(recp, db_ctdb_record_destructor); return rec; } diff --git a/source3/lib/debug.c b/source3/lib/debug.c index d835ea7c17..d91b55dd23 100644 --- a/source3/lib/debug.c +++ b/source3/lib/debug.c @@ -578,7 +578,9 @@ void setup_logging(const char *pname, bool interactive) stdout_logging = False; if (dbf) { x_fflush(dbf); - (void) x_fclose(dbf); + if (dbf != x_stdout) { + (void) x_fclose(dbf); + } } dbf = NULL; diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index 67392e4568..5427a8173e 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -118,7 +118,7 @@ char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type) /**************************************************************************** display sec_access structure ****************************************************************************/ -void display_sec_access(SEC_ACCESS *info) +void display_sec_access(uint32_t *info) { char *mask_str = get_sec_mask_str(NULL, *info); printf("\t\tPermissions: 0x%x: %s\n", *info, mask_str ? mask_str : ""); diff --git a/source3/lib/dummysmbd.c b/source3/lib/dummysmbd.c index dbe886e3d1..5c624bdebf 100644 --- a/source3/lib/dummysmbd.c +++ b/source3/lib/dummysmbd.c @@ -51,3 +51,18 @@ NTSTATUS can_delete_directory(struct connection_struct *conn, { return NT_STATUS_OK; } + +bool change_to_root_user(void) +{ + return false; +} + +struct event_context *smbd_event_context(void) +{ + return NULL; +} + +struct messaging_context *smbd_messaging_context(void) +{ + return NULL; +} diff --git a/source3/lib/errmap_unix.c b/source3/lib/errmap_unix.c index 2cd2386c5c..9adb237096 100644 --- a/source3/lib/errmap_unix.c +++ b/source3/lib/errmap_unix.c @@ -128,3 +128,139 @@ NTSTATUS map_nt_error_from_unix(int unix_error) /* Default return */ return NT_STATUS_ACCESS_DENIED; } + +/* Return a UNIX errno from a NT status code */ +static const struct { + NTSTATUS status; + int error; +} nt_errno_map[] = { + {NT_STATUS_ACCESS_VIOLATION, EACCES}, + {NT_STATUS_INVALID_HANDLE, EBADF}, + {NT_STATUS_ACCESS_DENIED, EACCES}, + {NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT}, + {NT_STATUS_OBJECT_PATH_NOT_FOUND, ENOENT}, + {NT_STATUS_SHARING_VIOLATION, EBUSY}, + {NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR}, + {NT_STATUS_OBJECT_NAME_COLLISION, EEXIST}, + {NT_STATUS_PATH_NOT_COVERED, ENOENT}, + {NT_STATUS_UNSUCCESSFUL, EINVAL}, + {NT_STATUS_NOT_IMPLEMENTED, ENOSYS}, + {NT_STATUS_IN_PAGE_ERROR, EFAULT}, + {NT_STATUS_BAD_NETWORK_NAME, ENOENT}, +#ifdef EDQUOT + {NT_STATUS_PAGEFILE_QUOTA, EDQUOT}, + {NT_STATUS_QUOTA_EXCEEDED, EDQUOT}, + {NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT}, + {NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT}, +#endif +#ifdef ETIME + {NT_STATUS_TIMER_NOT_CANCELED, ETIME}, +#endif + {NT_STATUS_INVALID_PARAMETER, EINVAL}, + {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, + {NT_STATUS_NO_SUCH_FILE, ENOENT}, +#ifdef ENODATA + {NT_STATUS_END_OF_FILE, ENODATA}, +#endif +#ifdef ENOMEDIUM + {NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM}, + {NT_STATUS_NO_MEDIA, ENOMEDIUM}, +#endif + {NT_STATUS_NONEXISTENT_SECTOR, ESPIPE}, + {NT_STATUS_NO_MEMORY, ENOMEM}, + {NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE}, + {NT_STATUS_NOT_MAPPED_VIEW, EINVAL}, + {NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE}, + {NT_STATUS_ACCESS_DENIED, EACCES}, + {NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS}, + {NT_STATUS_WRONG_PASSWORD, EACCES}, + {NT_STATUS_LOGON_FAILURE, EACCES}, + {NT_STATUS_INVALID_WORKSTATION, EACCES}, + {NT_STATUS_INVALID_LOGON_HOURS, EACCES}, + {NT_STATUS_PASSWORD_EXPIRED, EACCES}, + {NT_STATUS_ACCOUNT_DISABLED, EACCES}, + {NT_STATUS_DISK_FULL, ENOSPC}, + {NT_STATUS_INVALID_PIPE_STATE, EPIPE}, + {NT_STATUS_PIPE_BUSY, EPIPE}, + {NT_STATUS_PIPE_DISCONNECTED, EPIPE}, + {NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS}, + {NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR}, + {NT_STATUS_NOT_SUPPORTED, ENOSYS}, + {NT_STATUS_NOT_A_DIRECTORY, ENOTDIR}, + {NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY}, + {NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH}, + {NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH}, + {NT_STATUS_CONNECTION_ABORTED, ECONNABORTED}, + {NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED}, + {NT_STATUS_TOO_MANY_LINKS, EMLINK}, + {NT_STATUS_NETWORK_BUSY, EBUSY}, + {NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV}, +#ifdef ELIBACC + {NT_STATUS_DLL_NOT_FOUND, ELIBACC}, +#endif + {NT_STATUS_PIPE_BROKEN, EPIPE}, + {NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED}, + {NT_STATUS_NETWORK_ACCESS_DENIED, EACCES}, + {NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE}, +#ifdef EPROTO + {NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO}, +#endif + {NT_STATUS_FLOAT_OVERFLOW, ERANGE}, + {NT_STATUS_FLOAT_UNDERFLOW, ERANGE}, + {NT_STATUS_INTEGER_OVERFLOW, ERANGE}, + {NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS}, + {NT_STATUS_PIPE_CONNECTED, EISCONN}, + {NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT}, + {NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE}, + {NT_STATUS_ILL_FORMED_PASSWORD, EACCES}, + {NT_STATUS_PASSWORD_RESTRICTION, EACCES}, + {NT_STATUS_ACCOUNT_RESTRICTION, EACCES}, + {NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED}, + {NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG}, + {NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN}, + {NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED}, + {NT_STATUS_CONNECTION_RESET, ENETRESET}, +#ifdef ENOTUNIQ + {NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ}, + {NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ}, +#endif + {NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE}, + {NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT}, + {NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE}, + {NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH}, + {NT_STATUS_IO_TIMEOUT, ETIMEDOUT}, + {NT_STATUS_RETRY, EAGAIN}, +#ifdef ENOTUNIQ + {NT_STATUS_DUPLICATE_NAME, ENOTUNIQ}, +#endif +#ifdef ECOMM + {NT_STATUS_NET_WRITE_FAULT, ECOMM}, +#endif +#ifdef EXDEV + {NT_STATUS_NOT_SAME_DEVICE, EXDEV}, +#endif + {NT_STATUS(0), 0} +}; + +int map_errno_from_nt_status(NTSTATUS status) +{ + int i; + DEBUG(10,("map_errno_from_nt_status: 32 bit codes: code=%08x\n", + NT_STATUS_V(status))); + + /* Status codes without this bit set are not errors */ + + if (!(NT_STATUS_V(status) & 0xc0000000)) { + return 0; + } + + for (i=0;nt_errno_map[i].error;i++) { + if (NT_STATUS_V(nt_errno_map[i].status) == + NT_STATUS_V(status)) { + return nt_errno_map[i].error; + } + } + + /* for all other cases - a default code */ + return EINVAL; +} diff --git a/source3/lib/hmacmd5.c b/source3/lib/hmacmd5.c deleted file mode 100644 index 86db3aa236..0000000000 --- a/source3/lib/hmacmd5.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - Unix SMB/CIFS implementation. - HMAC MD5 code for use in NTLMv2 - Copyright (C) Luke Kenneth Casson Leighton 1996-2000 - Copyright (C) Andrew Tridgell 1992-2000 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* taken direct from rfc2104 implementation and modified for suitable use - * for ntlmv2. - */ - -#include "includes.h" - -/*********************************************************************** - the rfc 2104 version of hmac_md5 initialisation. -***********************************************************************/ - -void hmac_md5_init_rfc2104(const unsigned char *key, int key_len, HMACMD5Context *ctx) -{ - int i; - unsigned char tk[16]; - - /* if key is longer than 64 bytes reset it to key=MD5(key) */ - if (key_len > 64) { - struct MD5Context tctx; - - MD5Init(&tctx); - MD5Update(&tctx, key, key_len); - MD5Final(tk, &tctx); - - key = tk; - key_len = 16; - } - - /* start out by storing key in pads */ - ZERO_STRUCT(ctx->k_ipad); - ZERO_STRUCT(ctx->k_opad); - memcpy( ctx->k_ipad, key, key_len); - memcpy( ctx->k_opad, key, key_len); - - /* XOR key with ipad and opad values */ - for (i=0; i<64; i++) { - ctx->k_ipad[i] ^= 0x36; - ctx->k_opad[i] ^= 0x5c; - } - - MD5Init(&ctx->ctx); - MD5Update(&ctx->ctx, ctx->k_ipad, 64); -} - -/*********************************************************************** - the microsoft version of hmac_md5 initialisation. -***********************************************************************/ - -void hmac_md5_init_limK_to_64(const unsigned char* key, int key_len, - HMACMD5Context *ctx) -{ - int i; - - /* if key is longer than 64 bytes truncate it */ - if (key_len > 64) { - key_len = 64; - } - - /* start out by storing key in pads */ - ZERO_STRUCT(ctx->k_ipad); - ZERO_STRUCT(ctx->k_opad); - memcpy( ctx->k_ipad, key, key_len); - memcpy( ctx->k_opad, key, key_len); - - /* XOR key with ipad and opad values */ - for (i=0; i<64; i++) { - ctx->k_ipad[i] ^= 0x36; - ctx->k_opad[i] ^= 0x5c; - } - - MD5Init(&ctx->ctx); - MD5Update(&ctx->ctx, ctx->k_ipad, 64); -} - -/*********************************************************************** - update hmac_md5 "inner" buffer -***********************************************************************/ - -void hmac_md5_update(const unsigned char *text, int text_len, HMACMD5Context *ctx) -{ - MD5Update(&ctx->ctx, text, text_len); /* then text of datagram */ -} - -/*********************************************************************** - finish off hmac_md5 "inner" buffer and generate outer one. -***********************************************************************/ -void hmac_md5_final(unsigned char *digest, HMACMD5Context *ctx) - -{ - struct MD5Context ctx_o; - - MD5Final(digest, &ctx->ctx); - - MD5Init(&ctx_o); - MD5Update(&ctx_o, ctx->k_opad, 64); - MD5Update(&ctx_o, digest, 16); - MD5Final(digest, &ctx_o); -} - -/*********************************************************** - single function to calculate an HMAC MD5 digest from data. - use the microsoft hmacmd5 init method because the key is 16 bytes. -************************************************************/ - -void hmac_md5( unsigned char key[16], const unsigned char *data, int data_len, - unsigned char *digest) -{ - HMACMD5Context ctx; - hmac_md5_init_limK_to_64(key, 16, &ctx); - if (data_len != 0) - { - hmac_md5_update(data, data_len, &ctx); - } - hmac_md5_final(digest, &ctx); -} - diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index 743711b967..c8aa6afdfc 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -787,6 +787,7 @@ int ldb_search(struct ldb_context *ldb, done: if (ret != LDB_SUCCESS) { talloc_free(res); + res = NULL; } *_res = res; diff --git a/source3/lib/md4.c b/source3/lib/md4.c deleted file mode 100644 index bae0091e36..0000000000 --- a/source3/lib/md4.c +++ /dev/null @@ -1,174 +0,0 @@ -/* - Unix SMB/CIFS implementation. - a implementation of MD4 designed for use in the SMB authentication protocol - Copyright (C) Andrew Tridgell 1997-1998. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -/* NOTE: This code makes no attempt to be fast! - - It assumes that a int is at least 32 bits long -*/ - -#if 0 -static uint32 A, B, C, D; -#else -#define A (state[0]) -#define B (state[1]) -#define C (state[2]) -#define D (state[3]) -#endif - -static uint32 F(uint32 X, uint32 Y, uint32 Z) -{ - return (X&Y) | ((~X)&Z); -} - -static uint32 G(uint32 X, uint32 Y, uint32 Z) -{ - return (X&Y) | (X&Z) | (Y&Z); -} - -static uint32 H(uint32 X, uint32 Y, uint32 Z) -{ - return X^Y^Z; -} - -static uint32 lshift(uint32 x, int s) -{ - x &= 0xFFFFFFFF; - return ((x<<s)&0xFFFFFFFF) | (x>>(32-s)); -} - -#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s) -#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32)0x5A827999,s) -#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32)0x6ED9EBA1,s) - -/* this applies md4 to 64 byte chunks */ -static void mdfour64(uint32_t *state, uint32 *M) -{ - int j; - uint32 AA, BB, CC, DD; - uint32 X[16]; - - for (j=0;j<16;j++) - X[j] = M[j]; - - AA = A; BB = B; CC = C; DD = D; - - ROUND1(A,B,C,D, 0, 3); ROUND1(D,A,B,C, 1, 7); - ROUND1(C,D,A,B, 2, 11); ROUND1(B,C,D,A, 3, 19); - ROUND1(A,B,C,D, 4, 3); ROUND1(D,A,B,C, 5, 7); - ROUND1(C,D,A,B, 6, 11); ROUND1(B,C,D,A, 7, 19); - ROUND1(A,B,C,D, 8, 3); ROUND1(D,A,B,C, 9, 7); - ROUND1(C,D,A,B, 10, 11); ROUND1(B,C,D,A, 11, 19); - ROUND1(A,B,C,D, 12, 3); ROUND1(D,A,B,C, 13, 7); - ROUND1(C,D,A,B, 14, 11); ROUND1(B,C,D,A, 15, 19); - - ROUND2(A,B,C,D, 0, 3); ROUND2(D,A,B,C, 4, 5); - ROUND2(C,D,A,B, 8, 9); ROUND2(B,C,D,A, 12, 13); - ROUND2(A,B,C,D, 1, 3); ROUND2(D,A,B,C, 5, 5); - ROUND2(C,D,A,B, 9, 9); ROUND2(B,C,D,A, 13, 13); - ROUND2(A,B,C,D, 2, 3); ROUND2(D,A,B,C, 6, 5); - ROUND2(C,D,A,B, 10, 9); ROUND2(B,C,D,A, 14, 13); - ROUND2(A,B,C,D, 3, 3); ROUND2(D,A,B,C, 7, 5); - ROUND2(C,D,A,B, 11, 9); ROUND2(B,C,D,A, 15, 13); - - ROUND3(A,B,C,D, 0, 3); ROUND3(D,A,B,C, 8, 9); - ROUND3(C,D,A,B, 4, 11); ROUND3(B,C,D,A, 12, 15); - ROUND3(A,B,C,D, 2, 3); ROUND3(D,A,B,C, 10, 9); - ROUND3(C,D,A,B, 6, 11); ROUND3(B,C,D,A, 14, 15); - ROUND3(A,B,C,D, 1, 3); ROUND3(D,A,B,C, 9, 9); - ROUND3(C,D,A,B, 5, 11); ROUND3(B,C,D,A, 13, 15); - ROUND3(A,B,C,D, 3, 3); ROUND3(D,A,B,C, 11, 9); - ROUND3(C,D,A,B, 7, 11); ROUND3(B,C,D,A, 15, 15); - - A += AA; B += BB; C += CC; D += DD; - - A &= 0xFFFFFFFF; B &= 0xFFFFFFFF; - C &= 0xFFFFFFFF; D &= 0xFFFFFFFF; - - for (j=0;j<16;j++) - X[j] = 0; -} - -static void copy64(uint32 *M, const unsigned char *in) -{ - int i; - - for (i=0;i<16;i++) - M[i] = (in[i*4+3]<<24) | (in[i*4+2]<<16) | - (in[i*4+1]<<8) | (in[i*4+0]<<0); -} - -static void copy4(unsigned char *out, uint32 x) -{ - out[0] = x&0xFF; - out[1] = (x>>8)&0xFF; - out[2] = (x>>16)&0xFF; - out[3] = (x>>24)&0xFF; -} - -/* produce a md4 message digest from data of length n bytes */ -void mdfour(unsigned char *out, const unsigned char *in, int n) -{ - unsigned char buf[128]; - uint32 M[16]; - uint32 state[4]; - uint32 b = n * 8; - int i; - - A = 0x67452301; - B = 0xefcdab89; - C = 0x98badcfe; - D = 0x10325476; - - while (n > 64) { - copy64(M, in); - mdfour64(state, M); - in += 64; - n -= 64; - } - - for (i=0;i<128;i++) - buf[i] = 0; - memcpy(buf, in, n); - buf[n] = 0x80; - - if (n <= 55) { - copy4(buf+56, b); - copy64(M, buf); - mdfour64(state, M); - } else { - copy4(buf+120, b); - copy64(M, buf); - mdfour64(state, M); - copy64(M, buf+64); - mdfour64(state, M); - } - - for (i=0;i<128;i++) - buf[i] = 0; - copy64(M, buf); - - copy4(out, A); - copy4(out+4, B); - copy4(out+8, C); - copy4(out+12, D); -} - - diff --git a/source3/lib/md5.c b/source3/lib/md5.c deleted file mode 100644 index 2121b17047..0000000000 --- a/source3/lib/md5.c +++ /dev/null @@ -1,247 +0,0 @@ -/* - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * MD5Context structure, pass it to MD5Init, call MD5Update as - * needed on buffers full of bytes, and then call MD5Final, which - * will fill a supplied 16-byte array with the digest. - */ - -/* This code slightly modified to fit into Samba by - abartlet@samba.org Jun 2001 */ - -#include "includes.h" - -#include "md5.h" - -static void MD5Transform(uint32 buf[4], uint32 const in[16]); - -/* - * Note: this code is harmless on little-endian machines. - */ -static void byteReverse(unsigned char *buf, unsigned longs) -{ - uint32 t; - do { - t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 | - ((unsigned) buf[1] << 8 | buf[0]); - *(uint32 *) buf = t; - buf += 4; - } while (--longs); -} - -/* - * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious - * initialization constants. - */ -void MD5Init(struct MD5Context *ctx) -{ - ctx->buf[0] = 0x67452301; - ctx->buf[1] = 0xefcdab89; - ctx->buf[2] = 0x98badcfe; - ctx->buf[3] = 0x10325476; - - ctx->bits[0] = 0; - ctx->bits[1] = 0; -} - -/* - * Update context to reflect the concatenation of another buffer full - * of bytes. - */ -void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) -{ - register uint32 t; - - /* Update bitcount */ - - t = ctx->bits[0]; - if ((ctx->bits[0] = t + ((uint32) len << 3)) < t) - ctx->bits[1]++; /* Carry from low to high */ - ctx->bits[1] += len >> 29; - - t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ - - /* Handle any leading odd-sized chunks */ - - if (t) { - unsigned char *p = (unsigned char *) ctx->in + t; - - t = 64 - t; - if (len < t) { - memmove(p, buf, len); - return; - } - memmove(p, buf, t); - byteReverse(ctx->in, 16); - MD5Transform(ctx->buf, (uint32 *) ctx->in); - buf += t; - len -= t; - } - /* Process data in 64-byte chunks */ - - while (len >= 64) { - memmove(ctx->in, buf, 64); - byteReverse(ctx->in, 16); - MD5Transform(ctx->buf, (uint32 *) ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - - memmove(ctx->in, buf, len); -} - -/* - * Final wrapup - pad to 64-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) - */ -void MD5Final(unsigned char digest[16], struct MD5Context *ctx) -{ - unsigned int count; - unsigned char *p; - - /* Compute number of bytes mod 64 */ - count = (ctx->bits[0] >> 3) & 0x3F; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - p = ctx->in + count; - *p++ = 0x80; - - /* Bytes of padding needed to make 64 bytes */ - count = 64 - 1 - count; - - /* Pad out to 56 mod 64 */ - if (count < 8) { - /* Two lots of padding: Pad the first block to 64 bytes */ - memset(p, 0, count); - byteReverse(ctx->in, 16); - MD5Transform(ctx->buf, (uint32 *) ctx->in); - - /* Now fill the next block with 56 bytes */ - memset(ctx->in, 0, 56); - } else { - /* Pad block to 56 bytes */ - memset(p, 0, count - 8); - } - byteReverse(ctx->in, 14); - - /* Append length in bits and transform */ - ((uint32 *) ctx->in)[14] = ctx->bits[0]; - ((uint32 *) ctx->in)[15] = ctx->bits[1]; - - MD5Transform(ctx->buf, (uint32 *) ctx->in); - byteReverse((unsigned char *) ctx->buf, 4); - memmove(digest, ctx->buf, 16); - memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ -} - -/* The four core functions - F1 is optimized somewhat */ - -/* #define F1(x, y, z) (x & y | ~x & z) */ -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -/* This is the central step in the MD5 algorithm. */ -#define MD5STEP(f, w, x, y, z, data, s) \ - ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x ) - -/* - * The core of the MD5 algorithm, this alters an existing MD5 hash to - * reflect the addition of 16 longwords of new data. MD5Update blocks - * the data and converts bytes into longwords for this routine. - */ -static void MD5Transform(uint32 buf[4], uint32 const in[16]) -{ - register uint32 a, b, c, d; - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); - MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); - MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); - MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); - MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); - MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); - MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); - MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); - MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); - MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); - MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); - MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); - MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); - MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); - MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; -} diff --git a/source3/lib/messages_local.c b/source3/lib/messages_local.c index f436afc2ff..9f7f88f783 100644 --- a/source3/lib/messages_local.c +++ b/source3/lib/messages_local.c @@ -160,7 +160,7 @@ static NTSTATUS messaging_tdb_fetch(TDB_CONTEXT *msg_tdb, blob = data_blob_const(data.dptr, data.dsize); ndr_err = ndr_pull_struct_blob( - &blob, result, result, + &blob, result, NULL, result, (ndr_pull_flags_fn_t)ndr_pull_messaging_array); SAFE_FREE(data.dptr); @@ -203,7 +203,7 @@ static NTSTATUS messaging_tdb_store(TDB_CONTEXT *msg_tdb, } ndr_err = ndr_push_struct_blob( - &blob, mem_ctx, array, + &blob, mem_ctx, NULL, array, (ndr_push_flags_fn_t)ndr_push_messaging_array); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { diff --git a/source3/lib/netapi/examples/user/user_modalsset.c b/source3/lib/netapi/examples/user/user_modalsset.c index 57e1ef70ea..c6958a9012 100644 --- a/source3/lib/netapi/examples/user/user_modalsset.c +++ b/source3/lib/netapi/examples/user/user_modalsset.c @@ -95,6 +95,7 @@ int main(int argc, const char **argv) case 1: case 2: case 3: + break; case 1001: u1001.usrmod1001_min_passwd_len = 0; buffer = (uint8_t *)&u1001; diff --git a/source3/lib/netapi/file.c b/source3/lib/netapi/file.c index 036af32f38..0d66be0eb1 100644 --- a/source3/lib/netapi/file.c +++ b/source3/lib/netapi/file.c @@ -47,7 +47,8 @@ WERROR NetFileClose_r(struct libnetapi_ctx *ctx, r->in.server_name, r->in.fileid, &werr); - if (!W_ERROR_IS_OK(werr)) { + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); goto done; } diff --git a/source3/lib/netapi/getdc.c b/source3/lib/netapi/getdc.c index 07a6544af1..76c0d0be2a 100644 --- a/source3/lib/netapi/getdc.c +++ b/source3/lib/netapi/getdc.c @@ -58,6 +58,10 @@ WERROR NetGetDCName_r(struct libnetapi_ctx *ctx, r->in.domain_name, (const char **)r->out.buffer, &werr); + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + } done: return werr; diff --git a/source3/lib/netapi/share.c b/source3/lib/netapi/share.c index 1d0e1810f1..e6aed36064 100644 --- a/source3/lib/netapi/share.c +++ b/source3/lib/netapi/share.c @@ -271,7 +271,8 @@ WERROR NetShareDel_r(struct libnetapi_ctx *ctx, r->in.net_name, r->in.reserved, &werr); - if (!W_ERROR_IS_OK(werr)) { + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); goto done; } diff --git a/source3/lib/netapi/tests/Makefile.in b/source3/lib/netapi/tests/Makefile.in index 0145753212..659f82c9d8 100644 --- a/source3/lib/netapi/tests/Makefile.in +++ b/source3/lib/netapi/tests/Makefile.in @@ -44,7 +44,7 @@ bin/.dummy: CMDLINE_OBJ = common.o NETAPIBUFFER_OBJ = netapibuffer.o -NETAPITEST_OBJ = netapitest.o netlocalgroup.o netuser.o netgroup.o netdisplay.o netshare.o $(CMDLINE_OBJ) +NETAPITEST_OBJ = netapitest.o netlocalgroup.o netuser.o netgroup.o netdisplay.o netshare.o netfile.o $(CMDLINE_OBJ) bin/netapitest@EXEEXT@: $(BINARY_PREREQS) $(NETAPITEST_OBJ) @echo Linking $@ diff --git a/source3/lib/netapi/tests/common.h b/source3/lib/netapi/tests/common.h index 5a320321ba..9320840909 100644 --- a/source3/lib/netapi/tests/common.h +++ b/source3/lib/netapi/tests/common.h @@ -41,6 +41,8 @@ NET_API_STATUS netapitest_display(struct libnetapi_ctx *ctx, const char *hostname); NET_API_STATUS netapitest_share(struct libnetapi_ctx *ctx, const char *hostname); +NET_API_STATUS netapitest_file(struct libnetapi_ctx *ctx, + const char *hostname); #ifndef ARRAY_SIZE #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0])) diff --git a/source3/lib/netapi/tests/netapitest.c b/source3/lib/netapi/tests/netapitest.c index 87144020f5..4a38f721d8 100644 --- a/source3/lib/netapi/tests/netapitest.c +++ b/source3/lib/netapi/tests/netapitest.c @@ -84,6 +84,11 @@ int main(int argc, const char **argv) goto out; } + status = netapitest_file(ctx, hostname); + if (status) { + goto out; + } + out: if (status != 0) { printf("testsuite failed with: %s\n", diff --git a/source3/lib/netapi/tests/netfile.c b/source3/lib/netapi/tests/netfile.c new file mode 100644 index 0000000000..36ee8288ee --- /dev/null +++ b/source3/lib/netapi/tests/netfile.c @@ -0,0 +1,143 @@ +/* + * Unix SMB/CIFS implementation. + * NetFile testsuite + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include <sys/types.h> +#include <inttypes.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <netapi.h> + +#include "common.h" + +static NET_API_STATUS test_netfileenum(const char *hostname, + uint32_t level) +{ + NET_API_STATUS status; + uint32_t entries_read = 0; + uint32_t total_entries = 0; + uint32_t resume_handle = 0; + uint8_t *buffer = NULL; + int i; + + struct FILE_INFO_2 *i2; + struct FILE_INFO_3 *i3; + + printf("testing NetFileEnum level %d\n", level); + + do { + status = NetFileEnum(hostname, + NULL, + NULL, + level, + &buffer, + (uint32_t)-1, + &entries_read, + &total_entries, + &resume_handle); + if (status == 0 || status == ERROR_MORE_DATA) { + switch (level) { + case 2: + i2 = (struct FILE_INFO_2 *)buffer; + break; + case 3: + i3 = (struct FILE_INFO_3 *)buffer; + break; + default: + return -1; + } + + for (i=0; i<entries_read; i++) { + + switch (level) { + case 2: + case 3: + break; + default: + break; + } + + switch (level) { + case 2: + i2++; + break; + case 3: + i3++; + break; + } + } + NetApiBufferFree(buffer); + } + } while (status == ERROR_MORE_DATA); + + if (status) { + return status; + } + + return 0; +} + +NET_API_STATUS netapitest_file(struct libnetapi_ctx *ctx, + const char *hostname) +{ + NET_API_STATUS status = 0; + uint8_t *buffer = NULL; + uint32_t levels[] = { 2, 3 }; + uint32_t enum_levels[] = { 2, 3 }; + int i; + + printf("NetFile tests\n"); + + /* test enum */ + + for (i=0; i<ARRAY_SIZE(enum_levels); i++) { + + status = test_netfileenum(hostname, enum_levels[i]); + if (status) { + NETAPI_STATUS(ctx, status, "NetFileEnum"); + goto out; + } + } + + /* basic queries */ +#if 0 + for (i=0; i<ARRAY_SIZE(levels); i++) { + + printf("testing NetFileGetInfo level %d\n", levels[i]); + + status = NetFileGetInfo(hostname, fid, levels[i], &buffer); + if (status && status != 124) { + NETAPI_STATUS(ctx, status, "NetFileGetInfo"); + goto out; + } + } +#endif + + status = 0; + + printf("NetFile tests succeeded\n"); + out: + if (status != 0) { + printf("NetFile testsuite failed with: %s\n", + libnetapi_get_error_string(ctx, status)); + } + + return status; +} diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7d0c47f331..fcb87b77be 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -108,18 +108,18 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_workstations, infoX->usriX_usr_comment, &zero_parameters, - 0, + infoX->usriX_user_id, infoX->usriX_primary_group_id, infoX->usriX_flags, fields_present, zero_logon_hours, - 0, - 0, + infoX->usriX_bad_pw_count, + infoX->usriX_num_logons, infoX->usriX_country_code, + infoX->usriX_code_page, 0, 0, - 0, - 0); + infoX->usriX_password_expired); } /**************************************************************** @@ -132,6 +132,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_0 *u0 = NULL; struct USER_INFO_1 *u1 = NULL; struct USER_INFO_2 *u2 = NULL; + struct USER_INFO_3 *u3 = NULL; struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1006 *u1006 = NULL; struct USER_INFO_1007 *u1007 = NULL; @@ -193,6 +194,37 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, uX->usriX_country_code = u2->usri2_country_code; uX->usriX_code_page = u2->usri2_code_page; break; + case 3: + u3 = (struct USER_INFO_3 *)buffer; + uX->usriX_name = u3->usri3_name; + uX->usriX_password_age = u3->usri3_password_age; + uX->usriX_priv = u3->usri3_priv; + uX->usriX_home_dir = u3->usri3_home_dir; + uX->usriX_comment = u3->usri3_comment; + uX->usriX_flags = u3->usri3_flags; + uX->usriX_script_path = u3->usri3_script_path; + uX->usriX_auth_flags = u3->usri3_auth_flags; + uX->usriX_full_name = u3->usri3_full_name; + uX->usriX_usr_comment = u3->usri3_usr_comment; + uX->usriX_parms = u3->usri3_parms; + uX->usriX_workstations = u3->usri3_workstations; + uX->usriX_last_logon = u3->usri3_last_logon; + uX->usriX_last_logoff = u3->usri3_last_logoff; + uX->usriX_acct_expires = u3->usri3_acct_expires; + uX->usriX_max_storage = u3->usri3_max_storage; + uX->usriX_units_per_week= u3->usri3_units_per_week; + uX->usriX_logon_hours = u3->usri3_logon_hours; + uX->usriX_bad_pw_count = u3->usri3_bad_pw_count; + uX->usriX_num_logons = u3->usri3_num_logons; + uX->usriX_logon_server = u3->usri3_logon_server; + uX->usriX_country_code = u3->usri3_country_code; + uX->usriX_code_page = u3->usri3_code_page; + uX->usriX_user_id = u3->usri3_user_id; + uX->usriX_primary_group_id = u3->usri3_primary_group_id; + uX->usriX_profile = u3->usri3_profile; + uX->usriX_home_dir_drive = u3->usri3_home_dir_drive; + uX->usriX_password_expired = u3->usri3_password_expired; + break; case 1003: u1003 = (struct USER_INFO_1003 *)buffer; uX->usriX_password = u1003->usri1003_password; @@ -237,7 +269,6 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1053 = (struct USER_INFO_1053 *)buffer; uX->usriX_home_dir_drive = u1053->usri1053_home_dir_drive; break; - case 3: case 4: default: return NT_STATUS_INVALID_INFO_CLASS; @@ -1753,9 +1784,17 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | SAMR_USER_ACCESS_GET_GROUPS; break; + case 3: + user_mask = STD_RIGHT_READ_CONTROL_ACCESS | + STD_RIGHT_WRITE_DAC_ACCESS | + SAMR_USER_ACCESS_GET_GROUPS | + SAMR_USER_ACCESS_SET_PASSWORD | + SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_ATTRIBUTES | + SAMR_USER_ACCESS_SET_LOC_COM; + break; case 1: case 2: - case 3: case 4: case 21: case 22: diff --git a/source3/lib/readline.c b/source3/lib/readline.c index 254f55c86a..cafb5a9f62 100644 --- a/source3/lib/readline.c +++ b/source3/lib/readline.c @@ -45,6 +45,24 @@ # define RL_COMPLETION_CAST #endif /* HAVE_NEW_LIBREADLINE */ +static bool smb_rl_done; + +#if HAVE_LIBREADLINE +/* + * MacOS/X does not have rl_done in readline.h, but + * readline.so has it + */ +extern int rl_done; +#endif + +void smb_readline_done(void) +{ + smb_rl_done = true; +#if HAVE_LIBREADLINE + rl_done = 1; +#endif +} + /**************************************************************************** Display the prompt and wait for input. Call callback() regularly ****************************************************************************/ @@ -69,7 +87,7 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void) return NULL; } - while (1) { + while (!smb_rl_done) { timeout.tv_sec = 5; timeout.tv_usec = 0; @@ -87,6 +105,7 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void) callback(); } } + return NULL; } /**************************************************************************** diff --git a/source3/lib/secace.c b/source3/lib/secace.c index 8760a6109a..9f5a0c02ba 100644 --- a/source3/lib/secace.c +++ b/source3/lib/secace.c @@ -55,7 +55,7 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src) ********************************************************************/ void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, enum security_ace_type type, - uint32 mask, uint8 flag) + uint32_t mask, uint8 flag) { t->type = type; t->flags = flag; diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 44ae23271e..52ff067d6a 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -249,7 +249,7 @@ NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx, enum ndr_err_code ndr_err; ndr_err = ndr_push_struct_blob( - &blob, mem_ctx, secdesc, + &blob, mem_ctx, NULL, secdesc, (ndr_push_flags_fn_t)ndr_push_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -285,7 +285,7 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, blob = data_blob_const(data, len); ndr_err = ndr_pull_struct_blob( - &blob, result, result, + &blob, result, NULL, result, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -512,7 +512,7 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, if (!inherit) continue; - init_sec_access(&new_ace->access_mask, ace->access_mask); + new_ace->access_mask = ace->access_mask; init_sec_ace(new_ace, &ace->trustee, ace->type, new_ace->access_mask, new_flags); @@ -546,14 +546,3 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, return sdb; } - -/******************************************************************* - Sets up a SEC_ACCESS structure. -********************************************************************/ - -void init_sec_access(uint32 *t, uint32 mask) -{ - *t = mask; -} - - diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c index 33f66ca47f..298655e181 100644 --- a/source3/lib/sharesec.c +++ b/source3/lib/sharesec.c @@ -124,7 +124,7 @@ static bool share_info_db_init(void) SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def_access) { - SEC_ACCESS sa; + uint32_t sa; SEC_ACE ace; SEC_ACL *psa = NULL; SEC_DESC *psd = NULL; @@ -132,7 +132,7 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def se_map_generic(&spec_access, &file_generic_mapping); - init_sec_access(&sa, def_access | spec_access ); + sa = (def_access | spec_access ); init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) { @@ -332,7 +332,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) } for (i = 0; i < num_aces; i++) { - SEC_ACCESS sa; + uint32_t sa; uint32 g_access; uint32 s_access; DOM_SID sid; @@ -380,7 +380,7 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) pacl++; /* Go past any ',' */ se_map_generic(&s_access, &file_generic_mapping); - init_sec_access(&sa, g_access | s_access ); + sa = (g_access | s_access); init_sec_ace(&ace_list[i], &sid, type, sa, 0); } diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 87e70bb95b..7e461556b3 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -30,7 +30,7 @@ extern NT_USER_TOKEN anonymous_token; static uint32 check_ace(SEC_ACE *ace, const NT_USER_TOKEN *token, uint32 acc_desired, NTSTATUS *status) { - uint32 mask = ace->access_mask; + uint32_t mask = ace->access_mask; /* * Inherit only is ignored. @@ -176,6 +176,24 @@ void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping) } } +/* Map generic access rights to object specific rights for all the ACE's + * in a security_acl. + */ + +void security_acl_map_generic(struct security_acl *sa, + const struct generic_mapping *mapping) +{ + unsigned int i; + + if (!sa) { + return; + } + + for (i = 0; i < sa->num_aces; i++) { + se_map_generic(&sa->aces[i].access_mask, mapping); + } +} + /* Map standard access rights to object specific rights. This technique is used to give meaning to assigning read, write, execute and all access to objects. Each type of object has its own mapping of standard to object @@ -328,7 +346,6 @@ NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) DOM_SID act_sid; SEC_ACE ace[3]; - SEC_ACCESS mask; SEC_ACL *psa = NULL; @@ -339,13 +356,14 @@ NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); /*basic access for every one*/ - init_sec_access(&mask, GENERIC_RIGHTS_SAM_EXECUTE | GENERIC_RIGHTS_SAM_READ); - init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, + GENERIC_RIGHTS_SAM_EXECUTE | GENERIC_RIGHTS_SAM_READ, 0); /*full access for builtin aliases Administrators and Account Operators*/ - init_sec_access(&mask, GENERIC_RIGHTS_SAM_ALL_ACCESS); - init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[1], &adm_sid, + SEC_ACE_TYPE_ACCESS_ALLOWED, GENERIC_RIGHTS_SAM_ALL_ACCESS, 0); + init_sec_ace(&ace[2], &act_sid, + SEC_ACE_TYPE_ACCESS_ALLOWED, GENERIC_RIGHTS_SAM_ALL_ACCESS, 0); if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) return NT_STATUS_NO_MEMORY; diff --git a/source3/libaddns/dnsmarshall.c b/source3/libaddns/dnsmarshall.c index 8c3389eb9b..5530290c57 100644 --- a/source3/libaddns/dnsmarshall.c +++ b/source3/libaddns/dnsmarshall.c @@ -252,6 +252,7 @@ void dns_unmarshall_domain_name(TALLOC_CTX *mem_ctx, if (!(name = talloc(mem_ctx, struct dns_domain_name))) { buf->error = ERROR_DNS_NO_MEMORY; + return; } dns_unmarshall_label(name, 0, buf, &name->pLabelList); diff --git a/source3/libaddns/dnsrecord.c b/source3/libaddns/dnsrecord.c index 500cbd6681..559c2644d4 100644 --- a/source3/libaddns/dnsrecord.c +++ b/source3/libaddns/dnsrecord.c @@ -378,10 +378,10 @@ DNS_ERROR dns_create_update_request(TALLOC_CTX *mem_ctx, if (!ERR_DNS_IS_OK(err)) return err; /* - * The zone must be used at all + * Use the same prereq as WinXP -- No CNAME records for this host. */ - err = dns_create_rrec(req, domainname, QTYPE_ANY, DNS_CLASS_ANY, + err = dns_create_rrec(req, hostname, QTYPE_CNAME, DNS_CLASS_NONE, 0, 0, NULL, &rec); if (!ERR_DNS_IS_OK(err)) goto error; diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c index 0bde3e6984..40f051c851 100644 --- a/source3/libads/authdata.c +++ b/source3/libads/authdata.c @@ -108,7 +108,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } ndr_err = ndr_pull_struct_blob(pac_data_blob, pac_data, - pac_data, + NULL, pac_data, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -124,7 +124,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } ndr_err = ndr_pull_struct_blob(pac_data_blob, pac_data_raw, - pac_data_raw, + NULL, pac_data_raw, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA_RAW); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -205,7 +205,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, /* We find the data blobs above, now we parse them to get at the exact portion we should zero */ ndr_err = ndr_pull_struct_blob(kdc_sig_blob, kdc_sig_wipe, - kdc_sig_wipe, + NULL, kdc_sig_wipe, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -215,7 +215,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } ndr_err = ndr_pull_struct_blob(srv_sig_blob, srv_sig_wipe, - srv_sig_wipe, + NULL, srv_sig_wipe, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -230,7 +230,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, /* and reencode, back into the same place it came from */ ndr_err = ndr_push_struct_blob(kdc_sig_blob, pac_data_raw, - kdc_sig_wipe, + NULL, kdc_sig_wipe, (ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -239,7 +239,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, return status; } ndr_err = ndr_push_struct_blob(srv_sig_blob, pac_data_raw, - srv_sig_wipe, + NULL, srv_sig_wipe, (ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -250,7 +250,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, /* push out the whole structure, but now with zero'ed signatures */ ndr_err = ndr_push_struct_blob(&modified_pac_blob, pac_data_raw, - pac_data_raw, + NULL, pac_data_raw, (ndr_push_flags_fn_t)ndr_push_PAC_DATA_RAW); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); diff --git a/source3/libads/cldap.c b/source3/libads/cldap.c index 11565065af..c37220c903 100644 --- a/source3/libads/cldap.c +++ b/source3/libads/cldap.c @@ -119,8 +119,8 @@ static void gotalarm_sig(void) */ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, int sock, - uint32_t *nt_version, - union nbt_cldap_netlogon **reply) + uint32_t nt_version, + struct netlogon_samlogon_response **reply) { int ret; ASN1_DATA data; @@ -131,7 +131,8 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, int i1; /* half the time of a regular ldap timeout, not less than 3 seconds. */ unsigned int al_secs = MAX(3,lp_ldap_timeout()/2); - union nbt_cldap_netlogon *r = NULL; + struct netlogon_samlogon_response *r = NULL; + NTSTATUS status; blob = data_blob(NULL, 8192); if (blob.data == NULL) { @@ -185,7 +186,7 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, return -1; } - r = TALLOC_ZERO_P(mem_ctx, union nbt_cldap_netlogon); + r = TALLOC_ZERO_P(mem_ctx, struct netlogon_samlogon_response); if (!r) { errno = ENOMEM; data_blob_free(&os1); @@ -195,7 +196,8 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, return -1; } - if (!pull_mailslot_cldap_reply(mem_ctx, &os3, r, nt_version)) { + status = pull_netlogon_samlogon_response(&os3, mem_ctx, NULL, r); + if (!NT_STATUS_IS_OK(status)) { data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); @@ -204,6 +206,8 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, return -1; } + map_netlogon_samlogon_response(r); + data_blob_free(&os1); data_blob_free(&os2); data_blob_free(&os3); @@ -227,8 +231,8 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx, bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, const char *server, const char *realm, - uint32_t *nt_version, - union nbt_cldap_netlogon **reply) + uint32_t nt_version, + struct netlogon_samlogon_response **reply) { int sock; int ret; @@ -240,7 +244,7 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, return False; } - ret = send_cldap_netlogon(sock, realm, global_myname(), *nt_version); + ret = send_cldap_netlogon(sock, realm, global_myname(), nt_version); if (ret != 0) { close(sock); return False; @@ -262,107 +266,24 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx, bool ads_cldap_netlogon_5(TALLOC_CTX *mem_ctx, const char *server, const char *realm, - struct nbt_cldap_netlogon_5 *reply5) + struct NETLOGON_SAM_LOGON_RESPONSE_EX *reply5) { - uint32_t nt_version = NETLOGON_VERSION_5 | NETLOGON_VERSION_5EX; - union nbt_cldap_netlogon *reply = NULL; + uint32_t nt_version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX; + struct netlogon_samlogon_response *reply = NULL; bool ret; - ret = ads_cldap_netlogon(mem_ctx, server, realm, &nt_version, &reply); + ret = ads_cldap_netlogon(mem_ctx, server, realm, nt_version, &reply); if (!ret) { return false; } - if (nt_version != (NETLOGON_VERSION_5 | NETLOGON_VERSION_5EX)) { + if (reply->ntver != NETLOGON_NT_VERSION_5EX) { + DEBUG(0,("ads_cldap_netlogon_5: nt_version mismatch: 0x%08x\n", + reply->ntver)); return false; } - *reply5 = reply->logon5; - - return true; -} - -/**************************************************************** -****************************************************************/ - -bool pull_mailslot_cldap_reply(TALLOC_CTX *mem_ctx, - const DATA_BLOB *blob, - union nbt_cldap_netlogon *r, - uint32_t *nt_version) -{ - enum ndr_err_code ndr_err; - uint32_t nt_version_query = ((*nt_version) & 0x0000001f); - uint16_t command = 0; - - ndr_err = ndr_pull_struct_blob(blob, mem_ctx, &command, - (ndr_pull_flags_fn_t)ndr_pull_uint16); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return false; - } - - switch (command) { - case 0x13: /* 19 */ - case 0x15: /* 21 */ - case 0x17: /* 23 */ - case 0x19: /* 25 */ - break; - default: - DEBUG(1,("got unexpected command: %d (0x%08x)\n", - command, command)); - return false; - } - - ndr_err = ndr_pull_union_blob_all(blob, mem_ctx, r, nt_version_query, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - goto done; - } - - /* when the caller requested just those nt_version bits that the server - * was able to reply to, we are fine and all done. otherwise we need to - * assume downgraded replies which are painfully parsed here - gd */ - - if (nt_version_query & NETLOGON_VERSION_WITH_CLOSEST_SITE) { - nt_version_query &= ~NETLOGON_VERSION_WITH_CLOSEST_SITE; - } - ndr_err = ndr_pull_union_blob_all(blob, mem_ctx, r, nt_version_query, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - goto done; - } - if (nt_version_query & NETLOGON_VERSION_5EX_WITH_IP) { - nt_version_query &= ~NETLOGON_VERSION_5EX_WITH_IP; - } - ndr_err = ndr_pull_union_blob_all(blob, mem_ctx, r, nt_version_query, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - goto done; - } - if (nt_version_query & NETLOGON_VERSION_5EX) { - nt_version_query &= ~NETLOGON_VERSION_5EX; - } - ndr_err = ndr_pull_union_blob_all(blob, mem_ctx, r, nt_version_query, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - goto done; - } - if (nt_version_query & NETLOGON_VERSION_5) { - nt_version_query &= ~NETLOGON_VERSION_5; - } - ndr_err = ndr_pull_union_blob_all(blob, mem_ctx, r, nt_version_query, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - goto done; - } - - return false; - - done: - if (DEBUGLEVEL >= 10) { - NDR_PRINT_UNION_DEBUG(nbt_cldap_netlogon, nt_version_query, r); - } - - *nt_version = nt_version_query; + *reply5 = reply->data.nt5_ex; return true; } diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index eb45e3a0dd..40f052281d 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -176,7 +176,7 @@ bool ads_closest_dc(ADS_STRUCT *ads) static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) { char *srv; - struct nbt_cldap_netlogon_5 cldap_reply; + struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply; TALLOC_CTX *mem_ctx = NULL; bool ret = false; @@ -2828,6 +2828,7 @@ ADS_STATUS ads_domain_func_level(ADS_STRUCT *ads, uint32 *val) if ( (ads_s = ads_init( ads->server.realm, ads->server.workgroup, ads->server.ldap_server )) == NULL ) { + status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY); goto done; } ads_s->auth.flags = ADS_AUTH_ANON_BIND; diff --git a/source3/libads/util.c b/source3/libads/util.c index 72f5dee80c..d23c36f326 100644 --- a/source3/libads/util.c +++ b/source3/libads/util.c @@ -86,6 +86,8 @@ ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, server_realm = SMB_STRDUP(ads->config.realm); if (!server || !server_realm) { + SAFE_FREE(server); + SAFE_FREE(server_realm); return ADS_ERROR(LDAP_NO_MEMORY); } diff --git a/source3/libcli/nbt/libnbt.h b/source3/libcli/nbt/libnbt.h deleted file mode 100644 index d37a17c192..0000000000 --- a/source3/libcli/nbt/libnbt.h +++ /dev/null @@ -1,353 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - a raw async NBT library - - Copyright (C) Andrew Tridgell 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef __LIBNBT_H__ -#define __LIBNBT_H__ - -#include "librpc/gen_ndr/nbt.h" -#include "librpc/ndr/libndr.h" - -/* - possible states for pending requests -*/ -enum nbt_request_state {NBT_REQUEST_SEND, - NBT_REQUEST_WAIT, - NBT_REQUEST_DONE, - NBT_REQUEST_TIMEOUT, - NBT_REQUEST_ERROR}; - -/* - a nbt name request -*/ -struct nbt_name_request { - struct nbt_name_request *next, *prev; - - enum nbt_request_state state; - - NTSTATUS status; - - /* the socket this was on */ - struct nbt_name_socket *nbtsock; - - /* where to send the request */ - struct socket_address *dest; - - /* timeout between retries */ - int timeout; - - /* how many retries to send on timeout */ - int num_retries; - - /* whether we have received a WACK */ - bool received_wack; - - /* the timeout event */ - struct timed_event *te; - - /* the name transaction id */ - uint16_t name_trn_id; - - /* is it a reply? */ - bool is_reply; - - /* the encoded request */ - DATA_BLOB encoded; - - /* shall we allow multiple replies? */ - bool allow_multiple_replies; - - unsigned int num_replies; - struct nbt_name_reply { - struct nbt_name_packet *packet; - struct socket_address *dest; - } *replies; - - /* information on what to do on completion */ - struct { - void (*fn)(struct nbt_name_request *); - void *_private; - } async; -}; - - - -/* - context structure for operations on name queries -*/ -struct nbt_name_socket { - struct socket_context *sock; - struct event_context *event_ctx; -/* - struct smb_iconv_convenience *iconv_convenience; -*/ - /* a queue of requests pending to be sent */ - struct nbt_name_request *send_queue; - - /* the fd event */ - struct fd_event *fde; - - /* mapping from name_trn_id to pending event */ - struct idr_context *idr; - - /* how many requests are waiting for a reply */ - uint16_t num_pending; - - /* what to do with incoming request packets */ - struct { - void (*handler)(struct nbt_name_socket *, struct nbt_name_packet *, - struct socket_address *); - void *_private; - } incoming; - - /* what to do with unexpected replies */ - struct { - void (*handler)(struct nbt_name_socket *, struct nbt_name_packet *, - struct socket_address *); - void *_private; - } unexpected; -}; - - -/* a simple name query */ -struct nbt_name_query { - struct { - struct nbt_name name; - const char *dest_addr; - uint16_t dest_port; - bool broadcast; - bool wins_lookup; - int timeout; /* in seconds */ - int retries; - } in; - struct { - const char *reply_from; - struct nbt_name name; - int16_t num_addrs; - const char **reply_addrs; - } out; -}; - -/* a simple name status query */ -struct nbt_name_status { - struct { - struct nbt_name name; - const char *dest_addr; - uint16_t dest_port; - int timeout; /* in seconds */ - int retries; - } in; - struct { - const char *reply_from; - struct nbt_name name; - struct nbt_rdata_status status; - } out; -}; - -/* a name registration request */ -struct nbt_name_register { - struct { - struct nbt_name name; - const char *dest_addr; - uint16_t dest_port; - const char *address; - uint16_t nb_flags; - bool register_demand; - bool broadcast; - bool multi_homed; - uint32_t ttl; - int timeout; /* in seconds */ - int retries; - } in; - struct { - const char *reply_from; - struct nbt_name name; - const char *reply_addr; - uint8_t rcode; - } out; -}; - -/* a send 3 times then demand name broadcast name registration */ -struct nbt_name_register_bcast { - struct { - struct nbt_name name; - const char *dest_addr; - uint16_t dest_port; - const char *address; - uint16_t nb_flags; - uint32_t ttl; - } in; -}; - - -/* wins name register with multiple wins servers to try and multiple - addresses to register */ -struct nbt_name_register_wins { - struct { - struct nbt_name name; - const char **wins_servers; - uint16_t wins_port; - const char **addresses; - uint16_t nb_flags; - uint32_t ttl; - } in; - struct { - const char *wins_server; - uint8_t rcode; - } out; -}; - - - -/* a name refresh request */ -struct nbt_name_refresh { - struct { - struct nbt_name name; - const char *dest_addr; - uint16_t dest_port; - const char *address; - uint16_t nb_flags; - bool broadcast; - uint32_t ttl; - int timeout; /* in seconds */ - int retries; - } in; - struct { - const char *reply_from; - struct nbt_name name; - const char *reply_addr; - uint8_t rcode; - } out; -}; - -/* wins name refresh with multiple wins servers to try and multiple - addresses to register */ -struct nbt_name_refresh_wins { - struct { - struct nbt_name name; - const char **wins_servers; - uint16_t wins_port; - const char **addresses; - uint16_t nb_flags; - uint32_t ttl; - } in; - struct { - const char *wins_server; - uint8_t rcode; - } out; -}; - - -/* a name release request */ -struct nbt_name_release { - struct { - struct nbt_name name; - const char *dest_addr; - uint16_t dest_port; - const char *address; - uint16_t nb_flags; - bool broadcast; - int timeout; /* in seconds */ - int retries; - } in; - struct { - const char *reply_from; - struct nbt_name name; - const char *reply_addr; - uint8_t rcode; - } out; -}; - -struct nbt_name_socket *nbt_name_socket_init(TALLOC_CTX *mem_ctx, - struct event_context *event_ctx); - /*, - struct smb_iconv_convenience *iconv_convenience);*/ -struct nbt_name_request *nbt_name_query_send(struct nbt_name_socket *nbtsock, - struct nbt_name_query *io); -NTSTATUS nbt_name_query_recv(struct nbt_name_request *req, - TALLOC_CTX *mem_ctx, struct nbt_name_query *io); -NTSTATUS nbt_name_query(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, struct nbt_name_query *io); -struct nbt_name_request *nbt_name_status_send(struct nbt_name_socket *nbtsock, - struct nbt_name_status *io); -NTSTATUS nbt_name_status_recv(struct nbt_name_request *req, - TALLOC_CTX *mem_ctx, struct nbt_name_status *io); -NTSTATUS nbt_name_status(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, struct nbt_name_status *io); - -NTSTATUS nbt_name_dup(TALLOC_CTX *mem_ctx, struct nbt_name *name, struct nbt_name *newname); -NTSTATUS nbt_name_to_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct nbt_name *name); -NTSTATUS nbt_name_from_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, struct nbt_name *name); -void nbt_choose_called_name(TALLOC_CTX *mem_ctx, struct nbt_name *n, const char *name, int type); -char *nbt_name_string(TALLOC_CTX *mem_ctx, const struct nbt_name *name); -NTSTATUS nbt_name_register(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, struct nbt_name_register *io); -NTSTATUS nbt_name_refresh(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, struct nbt_name_refresh *io); -NTSTATUS nbt_name_release(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, struct nbt_name_release *io); -NTSTATUS nbt_name_register_wins(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, - struct nbt_name_register_wins *io); -NTSTATUS nbt_name_refresh_wins(struct nbt_name_socket *nbtsock, - TALLOC_CTX *mem_ctx, - struct nbt_name_refresh_wins *io); -NTSTATUS nbt_name_register_recv(struct nbt_name_request *req, - TALLOC_CTX *mem_ctx, struct nbt_name_register *io); -struct nbt_name_request *nbt_name_register_send(struct nbt_name_socket *nbtsock, - struct nbt_name_register *io); -NTSTATUS nbt_name_release_recv(struct nbt_name_request *req, - TALLOC_CTX *mem_ctx, struct nbt_name_release *io); - -struct nbt_name_request *nbt_name_release_send(struct nbt_name_socket *nbtsock, - struct nbt_name_release *io); - -NTSTATUS nbt_name_refresh_recv(struct nbt_name_request *req, - TALLOC_CTX *mem_ctx, struct nbt_name_refresh *io); - -NTSTATUS nbt_set_incoming_handler(struct nbt_name_socket *nbtsock, - void (*handler)(struct nbt_name_socket *, struct nbt_name_packet *, - struct socket_address *), - void *_private); -NTSTATUS nbt_name_reply_send(struct nbt_name_socket *nbtsock, - struct socket_address *dest, - struct nbt_name_packet *request); - - -NDR_SCALAR_PROTO(wrepl_nbt_name, const struct nbt_name *); -NDR_SCALAR_PROTO(nbt_string, const char *); -NDR_BUFFER_PROTO(nbt_name, struct nbt_name); -NTSTATUS nbt_rcode_to_ntstatus(uint8_t rcode); - -struct composite_context; -struct composite_context *nbt_name_register_bcast_send(struct nbt_name_socket *nbtsock, - struct nbt_name_register_bcast *io); -NTSTATUS nbt_name_register_bcast_recv(struct composite_context *c); -struct composite_context *nbt_name_register_wins_send(struct nbt_name_socket *nbtsock, - struct nbt_name_register_wins *io); -NTSTATUS nbt_name_refresh_wins_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, - struct nbt_name_refresh_wins *io); -struct composite_context *nbt_name_refresh_wins_send(struct nbt_name_socket *nbtsock, - struct nbt_name_refresh_wins *io); -NTSTATUS nbt_name_register_wins_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, - struct nbt_name_register_wins *io); - - -#endif /* __LIBNBT_H__ */ diff --git a/source3/libcli/nbt/nbtname.c b/source3/libcli/nbt/nbtname.c deleted file mode 100644 index fbb9550655..0000000000 --- a/source3/libcli/nbt/nbtname.c +++ /dev/null @@ -1,626 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - manipulate nbt name structures - - Copyright (C) Andrew Tridgell 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -/* - see rfc1002 for the detailed format of compressed names -*/ - -#include "includes.h" -#include "librpc/gen_ndr/ndr_nbt.h" -#include "librpc/gen_ndr/ndr_misc.h" - -/* don't allow an unlimited number of name components */ -#define MAX_COMPONENTS 10 - -/** - print a nbt string -*/ -_PUBLIC_ void ndr_print_nbt_string(struct ndr_print *ndr, const char *name, const char *s) -{ - ndr_print_string(ndr, name, s); -} - -/* - pull one component of a nbt_string -*/ -static enum ndr_err_code ndr_pull_component(struct ndr_pull *ndr, - uint8_t **component, - uint32_t *offset, - uint32_t *max_offset) -{ - uint8_t len; - uint_t loops = 0; - while (loops < 5) { - if (*offset >= ndr->data_size) { - return ndr_pull_error(ndr, NDR_ERR_STRING, - "BAD NBT NAME component"); - } - len = ndr->data[*offset]; - if (len == 0) { - *offset += 1; - *max_offset = MAX(*max_offset, *offset); - *component = NULL; - return NDR_ERR_SUCCESS; - } - if ((len & 0xC0) == 0xC0) { - /* its a label pointer */ - if (1 + *offset >= ndr->data_size) { - return ndr_pull_error(ndr, NDR_ERR_STRING, - "BAD NBT NAME component"); - } - *max_offset = MAX(*max_offset, *offset + 2); - *offset = ((len&0x3F)<<8) | ndr->data[1 + *offset]; - *max_offset = MAX(*max_offset, *offset); - loops++; - continue; - } - if ((len & 0xC0) != 0) { - /* its a reserved length field */ - return ndr_pull_error(ndr, NDR_ERR_STRING, - "BAD NBT NAME component"); - } - if (*offset + len + 2 > ndr->data_size) { - return ndr_pull_error(ndr, NDR_ERR_STRING, - "BAD NBT NAME component"); - } - *component = (uint8_t*)talloc_strndup(ndr, (const char *)&ndr->data[1 + *offset], len); - NDR_ERR_HAVE_NO_MEMORY(*component); - *offset += len + 1; - *max_offset = MAX(*max_offset, *offset); - return NDR_ERR_SUCCESS; - } - - /* too many pointers */ - return ndr_pull_error(ndr, NDR_ERR_STRING, "BAD NBT NAME component"); -} - -/** - pull a nbt_string from the wire -*/ -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_string(struct ndr_pull *ndr, int ndr_flags, const char **s) -{ - uint32_t offset = ndr->offset; - uint32_t max_offset = offset; - unsigned num_components; - char *name; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - name = NULL; - - /* break up name into a list of components */ - for (num_components=0;num_components<MAX_COMPONENTS;num_components++) { - uint8_t *component = NULL; - NDR_CHECK(ndr_pull_component(ndr, &component, &offset, &max_offset)); - if (component == NULL) break; - if (name) { - name = talloc_asprintf_append_buffer(name, ".%s", component); - NDR_ERR_HAVE_NO_MEMORY(name); - } else { - name = (char *)component; - } - } - if (num_components == MAX_COMPONENTS) { - return ndr_pull_error(ndr, NDR_ERR_STRING, - "BAD NBT NAME too many components"); - } - if (num_components == 0) { - name = talloc_strdup(ndr, ""); - NDR_ERR_HAVE_NO_MEMORY(name); - } - - (*s) = name; - ndr->offset = max_offset; - - return NDR_ERR_SUCCESS; -} - -/** - push a nbt string to the wire -*/ -_PUBLIC_ enum ndr_err_code ndr_push_nbt_string(struct ndr_push *ndr, int ndr_flags, const char *s) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - while (s && *s) { - enum ndr_err_code ndr_err; - char *compname; - size_t complen; - uint32_t offset; - - /* see if we have pushed the remaing string allready, - * if so we use a label pointer to this string - */ - ndr_err = ndr_token_retrieve_cmp_fn(&ndr->nbt_string_list, s, &offset, (comparison_fn_t)strcmp, false); - if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - uint8_t b[2]; - - if (offset > 0x3FFF) { - return ndr_push_error(ndr, NDR_ERR_STRING, - "offset for nbt string label pointer %u[%08X] > 0x00003FFF", - offset, offset); - } - - b[0] = 0xC0 | (offset>>8); - b[1] = (offset & 0xFF); - - return ndr_push_bytes(ndr, b, 2); - } - - complen = strcspn(s, "."); - - /* we need to make sure the length fits into 6 bytes */ - if (complen >= 0x3F) { - return ndr_push_error(ndr, NDR_ERR_STRING, - "component length %u[%08X] > 0x00003F", - (unsigned)complen, (unsigned)complen); - } - - compname = talloc_asprintf(ndr, "%c%*.*s", - (unsigned char)complen, - (unsigned char)complen, - (unsigned char)complen, s); - NDR_ERR_HAVE_NO_MEMORY(compname); - - /* remember the current componemt + the rest of the string - * so it can be reused later - */ - NDR_CHECK(ndr_token_store(ndr, &ndr->nbt_string_list, s, ndr->offset)); - - /* push just this component into the blob */ - NDR_CHECK(ndr_push_bytes(ndr, (const uint8_t *)compname, complen+1)); - talloc_free(compname); - - s += complen; - if (*s == '.') s++; - } - - /* if we reach the end of the string and have pushed the last component - * without using a label pointer, we need to terminate the string - */ - return ndr_push_bytes(ndr, (const uint8_t *)"", 1); -} - - -/* - decompress a 'compressed' name component - */ -static bool decompress_name(char *name, enum nbt_name_type *type) -{ - int i; - for (i=0;name[2*i];i++) { - uint8_t c1 = name[2*i]; - uint8_t c2 = name[1+(2*i)]; - if (c1 < 'A' || c1 > 'P' || - c2 < 'A' || c2 > 'P') { - return false; - } - name[i] = ((c1-'A')<<4) | (c2-'A'); - } - name[i] = 0; - if (i == 16) { - *type = (enum nbt_name_type)(name[15]); - name[15] = 0; - i--; - } else { - *type = NBT_NAME_CLIENT; - } - - /* trim trailing spaces */ - for (;i>0 && name[i-1]==' ';i--) { - name[i-1] = 0; - } - - return true; -} - - -/* - compress a name component - */ -static uint8_t *compress_name(TALLOC_CTX *mem_ctx, - const uint8_t *name, enum nbt_name_type type) -{ - uint8_t *cname; - int i; - uint8_t pad_char; - - if (strlen((const char *)name) > 15) { - return NULL; - } - - cname = talloc_array(mem_ctx, uint8_t, 33); - if (cname == NULL) return NULL; - - for (i=0;name[i];i++) { - cname[2*i] = 'A' + (name[i]>>4); - cname[1+2*i] = 'A' + (name[i]&0xF); - } - if (strcmp((const char *)name, "*") == 0) { - pad_char = 0; - } else { - pad_char = ' '; - } - for (;i<15;i++) { - cname[2*i] = 'A' + (pad_char>>4); - cname[1+2*i] = 'A' + (pad_char&0xF); - } - - pad_char = type; - cname[2*i] = 'A' + (pad_char>>4); - cname[1+2*i] = 'A' + (pad_char&0xF); - - cname[32] = 0; - return cname; -} - - -/** - pull a nbt name from the wire -*/ -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_name(struct ndr_pull *ndr, int ndr_flags, struct nbt_name *r) -{ - uint8_t *scope; - char *cname; - const char *s; - bool ok; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - NDR_CHECK(ndr_pull_nbt_string(ndr, ndr_flags, &s)); - - scope = (uint8_t *)strchr(s, '.'); - if (scope) { - *scope = 0; - r->scope = talloc_strdup(ndr->current_mem_ctx, (const char *)&scope[1]); - NDR_ERR_HAVE_NO_MEMORY(r->scope); - } else { - r->scope = NULL; - } - - cname = discard_const_p(char, s); - - /* the first component is limited to 16 bytes in the DOS charset, - which is 32 in the 'compressed' form */ - if (strlen(cname) > 32) { - return ndr_pull_error(ndr, NDR_ERR_STRING, - "NBT NAME cname > 32"); - } - - /* decompress the first component */ - ok = decompress_name(cname, &r->type); - if (!ok) { - return ndr_pull_error(ndr, NDR_ERR_STRING, - "NBT NAME failed to decompress"); - } - - r->name = talloc_strdup(ndr->current_mem_ctx, cname); - NDR_ERR_HAVE_NO_MEMORY(r->name); - - talloc_free(cname); - - return NDR_ERR_SUCCESS; -} - -/** - push a nbt name to the wire -*/ -_PUBLIC_ enum ndr_err_code ndr_push_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r) -{ - uint8_t *cname, *fullname; - enum ndr_err_code ndr_err; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (strlen(r->name) > 15) { - return ndr_push_error(ndr, NDR_ERR_STRING, - "nbt_name longer as 15 chars: %s", - r->name); - } - - cname = compress_name(ndr, (const uint8_t *)r->name, r->type); - NDR_ERR_HAVE_NO_MEMORY(cname); - - if (r->scope) { - fullname = (uint8_t *)talloc_asprintf(ndr, "%s.%s", cname, r->scope); - NDR_ERR_HAVE_NO_MEMORY(fullname); - talloc_free(cname); - } else { - fullname = cname; - } - - ndr_err = ndr_push_nbt_string(ndr, ndr_flags, (const char *)fullname); - - return ndr_err; -} - - -/** - copy a nbt name structure -*/ -_PUBLIC_ NTSTATUS nbt_name_dup(TALLOC_CTX *mem_ctx, struct nbt_name *name, struct nbt_name *newname) -{ - *newname = *name; - newname->name = talloc_strdup(mem_ctx, newname->name); - NT_STATUS_HAVE_NO_MEMORY(newname->name); - newname->scope = talloc_strdup(mem_ctx, newname->scope); - if (name->scope) { - NT_STATUS_HAVE_NO_MEMORY(newname->scope); - } - return NT_STATUS_OK; -} - -/** - push a nbt name into a blob -*/ -_PUBLIC_ NTSTATUS nbt_name_to_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct nbt_name *name) -{ - enum ndr_err_code ndr_err; - - ndr_err = ndr_push_struct_blob(blob, mem_ctx, name, (ndr_push_flags_fn_t)ndr_push_nbt_name); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return ndr_map_error2ntstatus(ndr_err); - } - - return NT_STATUS_OK; -} - -/** - pull a nbt name from a blob -*/ -_PUBLIC_ NTSTATUS nbt_name_from_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, struct nbt_name *name) -{ - enum ndr_err_code ndr_err; - - ndr_err = ndr_pull_struct_blob(blob, mem_ctx, name, - (ndr_pull_flags_fn_t)ndr_pull_nbt_name); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return ndr_map_error2ntstatus(ndr_err); - } - - return NT_STATUS_OK; -} - - -/** - choose a name to use when calling a server in a NBT session request. - we use heuristics to see if the name we have been given is a IP - address, or a too-long name. If it is then use *SMBSERVER, or a - truncated name -*/ -_PUBLIC_ void nbt_choose_called_name(TALLOC_CTX *mem_ctx, - struct nbt_name *n, const char *name, int type) -{ - n->scope = NULL; - n->type = type; - - if ((name == NULL) || is_ipaddress(name)) { - n->name = "*SMBSERVER"; - return; - } - if (strlen(name) > 15) { - const char *p = strchr(name, '.'); - char *s; - if (p - name > 15) { - n->name = "*SMBSERVER"; - return; - } - s = talloc_strndup(mem_ctx, name, PTR_DIFF(p, name)); - n->name = talloc_strdup_upper(mem_ctx, s); - return; - } - - n->name = talloc_strdup_upper(mem_ctx, name); -} - - -/* - escape a string into a form containing only a small set of characters, - the rest is hex encoded. This is similar to URL encoding -*/ -static const char *nbt_hex_encode(TALLOC_CTX *mem_ctx, const char *s) -{ - int i, len; - char *ret; - const char *valid_chars = "_-.$@ "; -#define NBT_CHAR_ALLOW(c) (isalnum((unsigned char)c) || strchr(valid_chars, c)) - - for (len=i=0;s[i];i++,len++) { - if (!NBT_CHAR_ALLOW(s[i])) { - len += 2; - } - } - - ret = talloc_array(mem_ctx, char, len+1); - if (ret == NULL) return NULL; - - for (len=i=0;s[i];i++) { - if (NBT_CHAR_ALLOW(s[i])) { - ret[len++] = s[i]; - } else { - snprintf(&ret[len], 4, "%%%02x", (unsigned char)s[i]); - len += 3; - } - } - ret[len] = 0; - - return ret; -} - - -/** - form a string for a NBT name -*/ -_PUBLIC_ char *nbt_name_string(TALLOC_CTX *mem_ctx, const struct nbt_name *name) -{ - TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); - char *ret; - if (name->scope) { - ret = talloc_asprintf(mem_ctx, "%s<%02x>-%s", - nbt_hex_encode(tmp_ctx, name->name), - name->type, - nbt_hex_encode(tmp_ctx, name->scope)); - } else { - ret = talloc_asprintf(mem_ctx, "%s<%02x>", - nbt_hex_encode(tmp_ctx, name->name), - name->type); - } - talloc_free(tmp_ctx); - return ret; -} - -/** - pull a nbt name, WINS Replication uses another on wire format for nbt name -*/ -_PUBLIC_ enum ndr_err_code ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr_flags, const struct nbt_name **_r) -{ - struct nbt_name *r; - uint8_t *namebuf; - uint32_t namebuf_len; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &namebuf_len)); - if (namebuf_len < 1 || namebuf_len > 255) { - return ndr_pull_error(ndr, NDR_ERR_ALLOC, "value out of range"); - } - NDR_PULL_ALLOC_N(ndr, namebuf, namebuf_len); - NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len)); - - NDR_PULL_ALLOC(ndr, r); - - /* oh wow, what a nasty bug in windows ... */ - if (namebuf[0] == 0x1b && namebuf_len >= 16) { - namebuf[0] = namebuf[15]; - namebuf[15] = 0x1b; - } - - if (namebuf_len < 17) { - r->type = 0x00; - - r->name = talloc_strndup(r, (char *)namebuf, namebuf_len); - if (!r->name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory"); - - r->scope= NULL; - - talloc_free(namebuf); - *_r = r; - return NDR_ERR_SUCCESS; - } - - r->type = namebuf[15]; - - namebuf[15] = '\0'; - trim_string((char *)namebuf, NULL, " "); - r->name = talloc_strdup(r, (char *)namebuf); - if (!r->name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory"); - - if (namebuf_len > 18) { - r->scope = talloc_strndup(r, (char *)(namebuf+17), namebuf_len-17); - if (!r->scope) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory"); - } else { - r->scope = NULL; - } - - talloc_free(namebuf); - *_r = r; - return NDR_ERR_SUCCESS; -} - -/** - push a nbt name, WINS Replication uses another on wire format for nbt name -*/ -_PUBLIC_ enum ndr_err_code ndr_push_wrepl_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r) -{ - uint8_t *namebuf; - uint32_t namebuf_len; - uint32_t _name_len; - uint32_t scope_len = 0; - - if (r == NULL) { - return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, - "wrepl_nbt_name NULL pointer"); - } - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - _name_len = strlen(r->name); - if (_name_len > 15) { - return ndr_push_error(ndr, NDR_ERR_STRING, - "wrepl_nbt_name longer as 15 chars: %s", - r->name); - } - - if (r->scope) { - scope_len = strlen(r->scope); - } - if (scope_len > 238) { - return ndr_push_error(ndr, NDR_ERR_STRING, - "wrepl_nbt_name scope longer as 238 chars: %s", - r->scope); - } - - namebuf = (uint8_t *)talloc_asprintf(ndr, "%-15s%c%s", - r->name, 'X', - (r->scope?r->scope:"")); - if (!namebuf) return ndr_push_error(ndr, NDR_ERR_ALLOC, "out of memory"); - - namebuf_len = strlen((char *)namebuf) + 1; - - /* - * we need to set the type here, and use a place-holder in the talloc_asprintf() - * as the type can be 0x00, and then the namebuf_len = strlen(namebuf); would give wrong results - */ - namebuf[15] = r->type; - - /* oh wow, what a nasty bug in windows ... */ - if (r->type == 0x1b) { - namebuf[15] = namebuf[0]; - namebuf[0] = 0x1b; - } - - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, namebuf_len)); - NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len)); - - talloc_free(namebuf); - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_wrepl_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name *r) -{ - char *s = nbt_name_string(ndr, r); - ndr_print_string(ndr, name, s); - talloc_free(s); -} diff --git a/source3/libgpo/gpext/scripts.c b/source3/libgpo/gpext/scripts.c index c07407c3f0..02c3abaa1e 100644 --- a/source3/libgpo/gpext/scripts.c +++ b/source3/libgpo/gpext/scripts.c @@ -93,7 +93,7 @@ static NTSTATUS generate_gp_registry_entry(TALLOC_CTX *mem_ctx, data->type = data_type; switch (data->type) { case REG_QWORD: - data->v.qword = (uint64_t)data_p; + data->v.qword = *(uint64_t *)data_p; break; case REG_SZ: data->v.sz.str = talloc_strdup(mem_ctx, (char *)data_p); diff --git a/source3/libgpo/gpext/security.c b/source3/libgpo/gpext/security.c new file mode 100644 index 0000000000..1d746da37f --- /dev/null +++ b/source3/libgpo/gpext/security.c @@ -0,0 +1,267 @@ +/* + * Unix SMB/CIFS implementation. + * Group Policy Support + * Copyright (C) Guenther Deschner 2005-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" +#include "libgpo/gpo_ini.h" + +#define GP_EXT_NAME "security" + +#define GPTTMPL_UNIX_PATH "Microsoft/Windows NT/SecEdit/GptTmpl.inf" + +#define GPTTMPL_SECTION_UNICODE "Unicode" +#define GPTTMPL_SECTION_VERSION "Version" + +#define GPTTMPL_SECTION_REGISTRY_VALUES "Registry Values" +#define GPTTMPL_SECTION_SYSTEM_ACCESS "System Access" +#define GPTTMPL_SECTION_KERBEROS_POLICY "Kerberos Policy" +#define GPTTMPL_SECTION_EVENT_AUDIT "Event Audit" +#define GPTTMPL_SECTION_PRIVILEGE_RIGHTS "Privilege Rights" +#define GPTTMPL_SECTION_APPLICATION_LOG "Application Log" +#define GPTTMPL_SECTION_SECURITY_LOG "Security Log" +#define GPTTMPL_SECTION_SYSTEM_LOG "System Log" +#define GPTTMPL_SECTION_GROUP_MEMBERSHIP "Group Membership" +#define GPTTMPL_SECTION_FILE_SECURITY "File Security" +#define GPTTMPL_SECTION_SERVICE_GENERAL_SETTING "Service General Setting" + +static TALLOC_CTX *ctx = NULL; + +struct gpttmpl_table { + const char *section; + const char *parameter; + enum winreg_Type type; +}; + +/**************************************************************** + parse the Version section from gpttmpl file +****************************************************************/ + +#define GPTTMPL_PARAMETER_REVISION "Revision" +#define GPTTMPL_PARAMETER_SIGNATURE "signature" +#define GPTTMPL_VALUE_CHICAGO "$CHICAGO$" /* whatever this is good for... */ +#define GPTTMPL_PARAMETER_UNICODE "Unicode" + +static NTSTATUS gpttmpl_parse_header(dictionary *dict, + uint32_t *version_out) +{ + const char *signature = NULL; + uint32_t version; + + if (!dict) { + return NT_STATUS_INVALID_PARAMETER; + } + + if ((signature = iniparser_getstring(dict, GPTTMPL_SECTION_VERSION + ":"GPTTMPL_PARAMETER_SIGNATURE, NULL)) == NULL) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + + if (!strequal(signature, GPTTMPL_VALUE_CHICAGO)) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + + if ((version = iniparser_getint(dict, GPTTMPL_SECTION_VERSION + ":"GPTTMPL_PARAMETER_REVISION, Undefined)) == Undefined) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + + if (version_out) { + *version_out = version; + } + + /* treat that as boolean */ + if ((!iniparser_getboolean(dict, GPTTMPL_SECTION_UNICODE + ":"GPTTMPL_PARAMETER_UNICODE, Undefined)) == Undefined) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS gpttmpl_init_context(TALLOC_CTX *mem_ctx, + uint32_t flags, + const char *unix_path, + struct gp_inifile_context **ini_ctx) +{ + NTSTATUS status; + uint32_t version; + struct gp_inifile_context *tmp_ctx = NULL; + + status = gp_inifile_init_context(mem_ctx, flags, unix_path, + GPTTMPL_UNIX_PATH, &tmp_ctx); + NT_STATUS_NOT_OK_RETURN(status); + + status = gpttmpl_parse_header(tmp_ctx->dict, &version); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1,("gpttmpl_init_context: failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(tmp_ctx); + return status; + } + + *ini_ctx = tmp_ctx; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS gpttmpl_process(struct gp_inifile_context *ini_ctx, + struct registry_key *root_key, + uint32_t flags) +{ + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS security_process_group_policy(ADS_STRUCT *ads, + TALLOC_CTX *mem_ctx, + uint32_t flags, + struct registry_key *root_key, + const struct nt_user_token *token, + struct GROUP_POLICY_OBJECT *gpo, + const char *extension_guid, + const char *snapin_guid) +{ + NTSTATUS status; + char *unix_path = NULL; + struct gp_inifile_context *ini_ctx = NULL; + + debug_gpext_header(0, "security_process_group_policy", flags, gpo, + extension_guid, snapin_guid); + + /* this handler processes the gpttmpl files and merge output to the + * registry */ + + status = gpo_get_unix_path(mem_ctx, gpo, &unix_path); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } + + status = gpttmpl_init_context(mem_ctx, flags, unix_path, &ini_ctx); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } + + status = gpttmpl_process(ini_ctx, root_key, flags); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } + + out: + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("security_process_group_policy: %s\n", + nt_errstr(status))); + } + TALLOC_FREE(ini_ctx); + + return status; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS security_get_reg_config(TALLOC_CTX *mem_ctx, + struct gp_extension_reg_info **reg_info) +{ + NTSTATUS status; + struct gp_extension_reg_info *info = NULL; + + struct gp_extension_reg_table table[] = { + /* FIXME: how can we store the "(Default)" value ??? */ + /* { "", REG_SZ, "Security" }, */ + { "ProcessGroupPolicy", REG_SZ, "security_process_group_policy" }, + { "NoUserPolicy", REG_DWORD, "1" }, + { "ExtensionDebugLevel", REG_DWORD, "1" }, + { NULL, REG_NONE, NULL } + }; + + info = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_info); + NT_STATUS_HAVE_NO_MEMORY(info); + + status = gp_ext_info_add_entry(mem_ctx, GP_EXT_NAME, + GP_EXT_GUID_SECURITY, + table, info); + NT_STATUS_NOT_OK_RETURN(status); + + *reg_info = info; + + return NT_STATUS_OK; +} + + +/**************************************************************** +****************************************************************/ + +static NTSTATUS security_initialize(TALLOC_CTX *mem_ctx) +{ + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS security_shutdown(void) +{ + NTSTATUS status; + + status = unregister_gp_extension(GP_EXT_NAME); + if (NT_STATUS_IS_OK(status)) { + return status; + } + + TALLOC_FREE(ctx); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static struct gp_extension_methods security_methods = { + .initialize = security_initialize, + .process_group_policy = security_process_group_policy, + .get_reg_config = security_get_reg_config, + .shutdown = security_shutdown +}; + +/**************************************************************** +****************************************************************/ + +static NTSTATUS gpext_security_init(void) +{ + NTSTATUS status; + + ctx = talloc_init("gpext_security_init"); + NT_STATUS_HAVE_NO_MEMORY(ctx); + + status = register_gp_extension(ctx, SMB_GPEXT_INTERFACE_VERSION, + GP_EXT_NAME, GP_EXT_GUID_SECURITY, + &security_methods); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(ctx); + } + + return status; +} diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c index 920deeb189..d49315021e 100644 --- a/source3/libgpo/gpo_reg.c +++ b/source3/libgpo/gpo_reg.c @@ -689,25 +689,25 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx, size_t *sd_size) { SEC_ACE ace[6]; - SEC_ACCESS mask; + uint32_t mask; SEC_ACL *acl = NULL; uint8_t inherit_flags; - init_sec_access(&mask, REG_KEY_ALL); + mask = REG_KEY_ALL; init_sec_ace(&ace[0], &global_sid_System, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_access(&mask, REG_KEY_ALL); + mask = REG_KEY_ALL; init_sec_ace(&ace[1], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_access(&mask, REG_KEY_READ); + mask = REG_KEY_READ; init_sec_ace(&ace[2], sid ? sid : &global_sid_Authenticated_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, @@ -717,19 +717,19 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx, SEC_ACE_FLAG_CONTAINER_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY; - init_sec_access(&mask, REG_KEY_ALL); + mask = REG_KEY_ALL; init_sec_ace(&ace[3], &global_sid_System, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, inherit_flags); - init_sec_access(&mask, REG_KEY_ALL); + mask = REG_KEY_ALL; init_sec_ace(&ace[4], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, inherit_flags); - init_sec_access(&mask, REG_KEY_READ); + mask = REG_KEY_READ; init_sec_ace(&ace[5], sid ? sid : &global_sid_Authenticated_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, diff --git a/source3/libnet/libnet_dssync_keytab.c b/source3/libnet/libnet_dssync_keytab.c index 6ba2c3aa41..6a3139d6ad 100644 --- a/source3/libnet/libnet_dssync_keytab.c +++ b/source3/libnet/libnet_dssync_keytab.c @@ -86,7 +86,7 @@ static NTSTATUS keytab_startup(struct dssync_context *ctx, TALLOC_CTX *mem_ctx, old_utdv = talloc(mem_ctx, struct replUpToDateVectorBlob); ndr_err = ndr_pull_struct_blob(&entry->password, old_utdv, - old_utdv, + NULL, old_utdv, (ndr_pull_flags_fn_t)ndr_pull_replUpToDateVectorBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); @@ -124,7 +124,7 @@ static NTSTATUS keytab_finish(struct dssync_context *ctx, TALLOC_CTX *mem_ctx, NDR_PRINT_DEBUG(replUpToDateVectorBlob, new_utdv); } - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, new_utdv, + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, new_utdv, (ndr_push_flags_fn_t)ndr_push_replUpToDateVectorBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -179,7 +179,7 @@ static NTSTATUS parse_supplemental_credentials(TALLOC_CTX *mem_ctx, bool newer_keys = false; uint32_t j; - ndr_err = ndr_pull_struct_blob_all(blob, mem_ctx, &scb, + ndr_err = ndr_pull_struct_blob_all(blob, mem_ctx, NULL, &scb, (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -236,7 +236,7 @@ static NTSTATUS parse_supplemental_credentials(TALLOC_CTX *mem_ctx, status = NT_STATUS_NO_MEMORY; goto done; } - ndr_err = ndr_pull_struct_blob(&scpk_blob, mem_ctx, pkb, + ndr_err = ndr_pull_struct_blob(&scpk_blob, mem_ctx, NULL, pkb, (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index a39dee676f..ab8af0be6b 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -357,10 +357,15 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx, strupper_m(spn); spn_array[0] = spn; - if (name_to_fqdn(my_fqdn, r->in.machine_name) && - !strequal(my_fqdn, r->in.machine_name)) { + if (!name_to_fqdn(my_fqdn, r->in.machine_name) + || (strchr(my_fqdn, '.') == NULL)) { + fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name, + r->out.dns_domain_name); + } + + strlower_m(my_fqdn); - strlower_m(my_fqdn); + if (!strequal(my_fqdn, r->in.machine_name)) { spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); if (!spn) { return ADS_ERROR_LDAP(LDAP_NO_MEMORY); diff --git a/source3/libnet/libnet_proto.h b/source3/libnet/libnet_proto.h index 43046a44c0..69a16c1c7d 100644 --- a/source3/libnet/libnet_proto.h +++ b/source3/libnet/libnet_proto.h @@ -53,7 +53,7 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx); struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *ctx, const char *principal, int kvno, - const const krb5_enctype enctype, + const krb5_enctype enctype, TALLOC_CTX *mem_ctx); #endif diff --git a/source3/libnet/libnet_samsync.c b/source3/libnet/libnet_samsync.c index daf27ffb51..64dcf6de51 100644 --- a/source3/libnet/libnet_samsync.c +++ b/source3/libnet/libnet_samsync.c @@ -65,7 +65,7 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx, user->user_private_info.SensitiveData = data.data; user->user_private_info.DataLength = data.length; - ndr_err = ndr_pull_struct_blob(&data, mem_ctx, &keys, + ndr_err = ndr_pull_struct_blob(&data, mem_ctx, NULL, &keys, (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { dump_data(10, data.data, data.length); @@ -397,7 +397,7 @@ NTSTATUS pull_netr_AcctLockStr(TALLOC_CTX *mem_ctx, blob = data_blob_const(r->array, r->length); - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, str, + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, str, (ndr_pull_flags_fn_t)ndr_pull_netr_AcctLockStr); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 98da9e12ea..ae7acbf572 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -413,7 +413,9 @@ struct USER_INFO_X { uint32_t usriX_code_page; const char * usriX_profile; const char * usriX_home_dir_drive; + uint32_t usriX_user_id; uint32_t usriX_primary_group_id; + uint32_t usriX_password_expired; }; struct GROUP_USERS_INFO_0 { diff --git a/source3/librpc/gen_ndr/nbt.h b/source3/librpc/gen_ndr/nbt.h index 62ad524a91..4b872d7936 100644 --- a/source3/librpc/gen_ndr/nbt.h +++ b/source3/librpc/gen_ndr/nbt.h @@ -221,15 +221,15 @@ union nbt_rdata { struct nbt_rdata_netbios netbios;/* [case(NBT_QTYPE_NETBIOS)] */ struct nbt_rdata_status status;/* [case(NBT_QTYPE_STATUS)] */ struct nbt_rdata_data data;/* [default] */ -}/* [nodiscriminant] */; +}/* [nodiscriminant,public] */; struct nbt_res_rec { struct nbt_name name; enum nbt_qtype rr_type; enum nbt_qclass rr_class; uint32_t ttl; - union nbt_rdata rdata;/* [switch_is(((((rr_type)==NBT_QTYPE_NETBIOS)&&talloc_check_name(ndr,"struct ndr_push")&&((rdata).data.length==2))?0:rr_type))] */ -}/* [flag(LIBNDR_PRINT_ARRAY_HEX)] */; + union nbt_rdata rdata;/* [switch_is(rr_type)] */ +}/* [nopush,flag(LIBNDR_PRINT_ARRAY_HEX)] */; struct nbt_name_packet { uint16_t name_trn_id; @@ -390,69 +390,11 @@ struct nbt_dgram_packet { union dgram_data data;/* [switch_is(msg_type)] */ }/* [public,flag(LIBNDR_FLAG_NOALIGN|LIBNDR_FLAG_BIGENDIAN|LIBNDR_PRINT_ARRAY_HEX)] */; -enum nbt_netlogon_command -#ifndef USE_UINT_ENUMS - { - NETLOGON_QUERY_FOR_PDC=0x7, - NETLOGON_ANNOUNCE_UAS=0xa, - NETLOGON_RESPONSE_FROM_PDC=0xc, - NETLOGON_QUERY_FOR_PDC2=0x12, - NETLOGON_RESPONSE_FROM_PDC2=0x17, - NETLOGON_RESPONSE_FROM_PDC_USER=0x19 -} -#else - { __donnot_use_enum_nbt_netlogon_command=0x7FFFFFFF} -#define NETLOGON_QUERY_FOR_PDC ( 0x7 ) -#define NETLOGON_ANNOUNCE_UAS ( 0xa ) -#define NETLOGON_RESPONSE_FROM_PDC ( 0xc ) -#define NETLOGON_QUERY_FOR_PDC2 ( 0x12 ) -#define NETLOGON_RESPONSE_FROM_PDC2 ( 0x17 ) -#define NETLOGON_RESPONSE_FROM_PDC_USER ( 0x19 ) -#endif -; - -/* bitmap nbt_netlogon_version */ -#define NETLOGON_VERSION_1 ( 0x00000001 ) -#define NETLOGON_VERSION_5 ( 0x00000002 ) -#define NETLOGON_VERSION_5EX ( 0x00000004 ) -#define NETLOGON_VERSION_5EX_WITH_IP ( 0x00000008 ) -#define NETLOGON_VERSION_WITH_CLOSEST_SITE ( 0x00000010 ) -#define NETLOGON_VERSION_AVOID_NT4_EMUL ( 0x01000000 ) -#define NETLOGON_VERSION_PDC ( 0x10000000 ) -#define NETLOGON_VERSION_IP ( 0x20000000 ) -#define NETLOGON_VERSION_LOCAL ( 0x40000000 ) -#define NETLOGON_VERSION_GC ( 0x80000000 ) - -struct nbt_netlogon_query_for_pdc { - const char * computer_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - const char * mailslot_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN2)] */ - const char * unicode_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - uint32_t nt_version; - uint16_t lmnt_token; - uint16_t lm20_token; -}; - -struct nbt_netlogon_query_for_pdc2 { - uint16_t request_count; - const char * computer_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * user_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * mailslot_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - uint32_t unknown[2]; - uint32_t nt_version; - uint16_t lmnt_token; - uint16_t lm20_token; -}; - -struct nbt_netlogon_response_from_pdc { - const char * pdc_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN2)] */ - const char * unicode_pdc_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * domain_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - uint32_t nt_version; - uint16_t lmnt_token; - uint16_t lm20_token; -}; +struct nbt_sockaddr { + uint32_t sockaddr_family; + const char * pdc_ip;/* [flag(LIBNDR_FLAG_BIGENDIAN)] */ + DATA_BLOB remaining;/* [flag(LIBNDR_FLAG_REMAINING)] */ +}/* [gensize,public] */; /* bitmap nbt_server_type */ #define NBT_SERVER_PDC ( 0x00000001 ) @@ -468,157 +410,90 @@ struct nbt_netlogon_response_from_pdc { #define NBT_SERVER_SELECT_SECRET_DOMAIN_6 ( 0x00000800 ) #define NBT_SERVER_FULL_SECRET_DOMAIN_6 ( 0x00001000 ) -struct nbt_dc_sock_addr { - uint32_t family; - const char * pdc_ip;/* [flag(LIBNDR_FLAG_BIGENDIAN)] */ - DATA_BLOB remaining;/* [flag(LIBNDR_FLAG_REMAINING)] */ -}; - -struct nbt_netlogon_response_from_pdc2 { - DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN4)] */ - uint32_t server_type; - struct GUID domain_uuid; - const char * forest; - const char * dns_domain; - const char * pdc_dns_name; - const char * domain; - const char * pdc_name; - const char * user_name; - const char * server_site; - const char * client_site; - uint8_t dc_sock_addr_size; - struct nbt_dc_sock_addr dc_sock_addr;/* [subcontext_size(dc_sock_addr_size),subcontext(0)] */ - uint32_t nt_version; - uint16_t lmnt_token; - uint16_t lm20_token; -}; - -enum netr_SamDatabaseID; - -struct nbt_db_change { - enum netr_SamDatabaseID db_index; - uint64_t serial; - NTTIME timestamp; -}; +/* bitmap netlogon_nt_version_flags */ +#define NETLOGON_NT_VERSION_1 ( 0x00000001 ) +#define NETLOGON_NT_VERSION_5 ( 0x00000002 ) +#define NETLOGON_NT_VERSION_5EX ( 0x00000004 ) +#define NETLOGON_NT_VERSION_5EX_WITH_IP ( 0x00000008 ) +#define NETLOGON_NT_VERSION_WITH_CLOSEST_SITE ( 0x00000010 ) +#define NETLOGON_NT_VERSION_AVIOD_NT4EMUL ( 0x01000000 ) +#define NETLOGON_NT_VERSION_PDC ( 0x10000000 ) +#define NETLOGON_NT_VERSION_IP ( 0x20000000 ) +#define NETLOGON_NT_VERSION_LOCAL ( 0x40000000 ) +#define NETLOGON_NT_VERSION_GC ( 0x80000000 ) + +enum netlogon_command +#ifndef USE_UINT_ENUMS + { + LOGON_PRIMARY_QUERY=7, + NETLOGON_ANNOUNCE_UAS=10, + NETLOGON_RESPONSE_FROM_PDC=12, + LOGON_SAM_LOGON_REQUEST=18, + LOGON_SAM_LOGON_RESPONSE=19, + LOGON_SAM_LOGON_PAUSE_RESPONSE=20, + LOGON_SAM_LOGON_USER_UNKNOWN=21, + LOGON_SAM_LOGON_RESPONSE_EX=23, + LOGON_SAM_LOGON_PAUSE_RESPONSE_EX=24, + LOGON_SAM_LOGON_USER_UNKNOWN_EX=25 +} +#else + { __donnot_use_enum_netlogon_command=0x7FFFFFFF} +#define LOGON_PRIMARY_QUERY ( 7 ) +#define NETLOGON_ANNOUNCE_UAS ( 10 ) +#define NETLOGON_RESPONSE_FROM_PDC ( 12 ) +#define LOGON_SAM_LOGON_REQUEST ( 18 ) +#define LOGON_SAM_LOGON_RESPONSE ( 19 ) +#define LOGON_SAM_LOGON_PAUSE_RESPONSE ( 20 ) +#define LOGON_SAM_LOGON_USER_UNKNOWN ( 21 ) +#define LOGON_SAM_LOGON_RESPONSE_EX ( 23 ) +#define LOGON_SAM_LOGON_PAUSE_RESPONSE_EX ( 24 ) +#define LOGON_SAM_LOGON_USER_UNKNOWN_EX ( 25 ) +#endif +; -struct nbt_netlogon_announce_uas { - uint32_t serial_lo; - time_t timestamp; - uint32_t pulse; - uint32_t random; - const char * pdc_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - const char * domain;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN2)] */ - const char * unicode_pdc_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * unicode_domain;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - uint32_t db_count; - struct nbt_db_change *dbchange; +struct NETLOGON_SAM_LOGON_REQUEST { + uint16_t request_count; + const char * computer_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + const char * user_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + const char * mailslot_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ + uint32_t acct_control; uint32_t sid_size;/* [value(ndr_size_dom_sid0(&sid,ndr->flags))] */ + DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN4)] */ struct dom_sid0 sid;/* [subcontext_size(sid_size),subcontext(0)] */ uint32_t nt_version; uint16_t lmnt_token; uint16_t lm20_token; -}; +}/* [nopull,nopush] */; -union nbt_netlogon_request { - struct nbt_netlogon_query_for_pdc pdc;/* [case(NETLOGON_QUERY_FOR_PDC)] */ - struct nbt_netlogon_query_for_pdc2 pdc2;/* [case(NETLOGON_QUERY_FOR_PDC2)] */ - struct nbt_netlogon_announce_uas uas;/* [case(NETLOGON_ANNOUNCE_UAS)] */ - struct nbt_netlogon_response_from_pdc response;/* [case(NETLOGON_RESPONSE_FROM_PDC)] */ - struct nbt_netlogon_response_from_pdc2 response2;/* [case(NETLOGON_RESPONSE_FROM_PDC2)] */ -}/* [nodiscriminant] */; - -struct nbt_netlogon_packet { - enum nbt_netlogon_command command; - union nbt_netlogon_request req;/* [switch_is(command)] */ -}/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; - -struct nbt_cldap_netlogon_1 { - enum nbt_netlogon_command type; - const char * pdc_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ +struct NETLOGON_SAM_LOGON_RESPONSE_NT40 { + enum netlogon_command command; + const char * server;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ const char * user_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * domain_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - uint32_t nt_version;/* [value] */ + const char * domain;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + uint32_t nt_version; uint16_t lmnt_token; uint16_t lm20_token; -}; +}/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; -struct nbt_cldap_netlogon_3 { - enum nbt_netlogon_command type; +struct NETLOGON_SAM_LOGON_RESPONSE { + enum netlogon_command command; const char * pdc_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ const char * user_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ const char * domain_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ struct GUID domain_uuid; - struct GUID unknown_uuid; + struct GUID zero_uuid; const char * forest; const char * dns_domain; const char * pdc_dns_name; const char * pdc_ip; uint32_t server_type; - uint32_t nt_version;/* [value(3)] */ - uint16_t lmnt_token; - uint16_t lm20_token; -}; - -struct nbt_cldap_netlogon_5 { - enum nbt_netlogon_command type; - uint16_t sbz; - uint32_t server_type; - struct GUID domain_uuid; - const char * forest; - const char * dns_domain; - const char * pdc_dns_name; - const char * domain; - const char * pdc_name; - const char * user_name; - const char * server_site; - const char * client_site; - uint32_t nt_version;/* [value(5)] */ - uint16_t lmnt_token; - uint16_t lm20_token; -}/* [public] */; - -struct nbt_cldap_netlogon_13 { - enum nbt_netlogon_command type; - uint16_t sbz; - uint32_t server_type; - struct GUID domain_uuid; - const char * forest; - const char * dns_domain; - const char * pdc_dns_name; - const char * domain; - const char * pdc_name; - const char * user_name; - const char * server_site; - const char * client_site; - uint8_t dc_sock_addr_size; - struct nbt_dc_sock_addr dc_sock_addr;/* [subcontext_size(dc_sock_addr_size),subcontext(0)] */ - uint32_t nt_version;/* [value(13)] */ - uint16_t lmnt_token; - uint16_t lm20_token; -}; - -struct nbt_cldap_netlogon_15 { - enum nbt_netlogon_command type; - uint16_t sbz; - uint32_t server_type; - struct GUID domain_uuid; - const char * forest; - const char * dns_domain; - const char * pdc_dns_name; - const char * domain; - const char * pdc_name; - const char * user_name; - const char * server_site; - const char * client_site; - const char * next_closest_site; - uint32_t nt_version;/* [value(15)] */ + uint32_t nt_version; uint16_t lmnt_token; uint16_t lm20_token; -}/* [public] */; +}/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; -struct nbt_cldap_netlogon_29 { - enum nbt_netlogon_command type; +struct NETLOGON_SAM_LOGON_RESPONSE_EX { + enum netlogon_command command; uint16_t sbz; uint32_t server_type; struct GUID domain_uuid; @@ -630,71 +505,70 @@ struct nbt_cldap_netlogon_29 { const char * user_name; const char * server_site; const char * client_site; - uint8_t dc_sock_addr_size; - struct nbt_dc_sock_addr dc_sock_addr;/* [subcontext_size(dc_sock_addr_size),subcontext(0)] */ + uint8_t sockaddr_size;/* [value(ndr_size_nbt_sockaddr(&sockaddr,ndr->flags))] */ + struct nbt_sockaddr sockaddr;/* [subcontext_size(sockaddr_size),subcontext(0)] */ const char * next_closest_site; - uint32_t nt_version;/* [value(29)] */ + uint32_t nt_version; uint16_t lmnt_token; uint16_t lm20_token; -}/* [public] */; - -union nbt_cldap_netlogon { - struct nbt_cldap_netlogon_1 logon1;/* [case(0)] */ - struct nbt_cldap_netlogon_3 logon3;/* [case(2)] */ - struct nbt_cldap_netlogon_5 logon5;/* [case(4)] */ - struct nbt_cldap_netlogon_13 logon13;/* [case(8)] */ - struct nbt_cldap_netlogon_15 logon15;/* [case(20)] */ - struct nbt_cldap_netlogon_29 logon29;/* [case(29)] */ -}/* [public,nodiscriminant,flag(LIBNDR_FLAG_NOALIGN)] */; - -enum nbt_ntlogon_command -#ifndef USE_UINT_ENUMS - { - NTLOGON_SAM_LOGON=0x12, - NTLOGON_SAM_LOGON_REPLY=0x13, - NTLOGON_SAM_LOGON_REPLY15=0x15, - NTLOGON_RESPONSE_FROM_PDC2=0x17 -} -#else - { __donnot_use_enum_nbt_ntlogon_command=0x7FFFFFFF} -#define NTLOGON_SAM_LOGON ( 0x12 ) -#define NTLOGON_SAM_LOGON_REPLY ( 0x13 ) -#define NTLOGON_SAM_LOGON_REPLY15 ( 0x15 ) -#define NTLOGON_RESPONSE_FROM_PDC2 ( 0x17 ) -#endif -; +}/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; -struct nbt_ntlogon_sam_logon { - uint16_t request_count; - const char * computer_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * user_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ +struct nbt_netlogon_query_for_pdc { + const char * computer_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ const char * mailslot_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ - uint32_t acct_control; - uint32_t sid_size;/* [value(ndr_size_dom_sid0(&sid,ndr->flags))] */ - struct dom_sid0 sid;/* [subcontext_size(sid_size),subcontext(0)] */ + DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN2)] */ + const char * unicode_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ uint32_t nt_version; uint16_t lmnt_token; uint16_t lm20_token; }; -struct nbt_ntlogon_sam_logon_reply { - const char * server;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * user_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ - const char * domain;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ +struct nbt_netlogon_response_from_pdc { + enum netlogon_command command; + const char * pdc_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ + DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN2)] */ + const char * unicode_pdc_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + const char * domain_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ uint32_t nt_version; uint16_t lmnt_token; uint16_t lm20_token; +}/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; + +enum netr_SamDatabaseID; + +struct nbt_db_change_info { + enum netr_SamDatabaseID db_index; + uint64_t serial; + NTTIME timestamp; +}; + +struct NETLOGON_DB_CHANGE { + uint32_t serial_lo; + time_t timestamp; + uint32_t pulse; + uint32_t random; + const char * pdc_name;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ + const char * domain;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM)] */ + DATA_BLOB _pad;/* [flag(LIBNDR_FLAG_ALIGN2)] */ + const char * unicode_pdc_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + const char * unicode_domain;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */ + uint32_t db_count; + struct nbt_db_change_info *dbchange; + uint32_t sid_size;/* [value(ndr_size_dom_sid0(&sid,ndr->flags))] */ + struct dom_sid0 sid;/* [subcontext_size(sid_size),subcontext(0)] */ + uint32_t message_format_version; + uint32_t message_token; }; -union nbt_ntlogon_request { - struct nbt_ntlogon_sam_logon logon;/* [case(NTLOGON_SAM_LOGON)] */ - struct nbt_ntlogon_sam_logon_reply reply;/* [case(NTLOGON_SAM_LOGON_REPLY)] */ - struct nbt_netlogon_response_from_pdc2 reply2;/* [case(NTLOGON_RESPONSE_FROM_PDC2)] */ +union nbt_netlogon_request { + struct NETLOGON_SAM_LOGON_REQUEST logon;/* [case(LOGON_SAM_LOGON_REQUEST)] */ + struct nbt_netlogon_query_for_pdc pdc;/* [case(LOGON_PRIMARY_QUERY)] */ + struct NETLOGON_DB_CHANGE uas;/* [case(NETLOGON_ANNOUNCE_UAS)] */ }/* [nodiscriminant] */; -struct nbt_ntlogon_packet { - enum nbt_ntlogon_command command; - union nbt_ntlogon_request req;/* [switch_is(command)] */ +struct nbt_netlogon_packet { + enum netlogon_command command; + union nbt_netlogon_request req;/* [switch_is(command)] */ }/* [public,flag(LIBNDR_FLAG_NOALIGN)] */; enum nbt_browse_opcode diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.c b/source3/librpc/gen_ndr/ndr_libnetapi.c index a5266827b6..d7bf63e62f 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.c +++ b/source3/librpc/gen_ndr/ndr_libnetapi.c @@ -1895,7 +1895,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_USER_INFO_X(struct ndr_push *ndr, int ndr_fl NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_code_page)); NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_profile)); NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_home_dir_drive)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_user_id)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_primary_group_id)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_password_expired)); } if (ndr_flags & NDR_BUFFERS) { if (r->usriX_logon_hours) { @@ -1942,7 +1944,9 @@ _PUBLIC_ enum ndr_err_code ndr_pull_USER_INFO_X(struct ndr_pull *ndr, int ndr_fl NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_code_page)); NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->usriX_profile)); NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->usriX_home_dir_drive)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_user_id)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_primary_group_id)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_password_expired)); } if (ndr_flags & NDR_BUFFERS) { if (r->usriX_logon_hours) { @@ -1990,7 +1994,9 @@ _PUBLIC_ void ndr_print_USER_INFO_X(struct ndr_print *ndr, const char *name, con ndr_print_uint32(ndr, "usriX_code_page", r->usriX_code_page); ndr_print_string(ndr, "usriX_profile", r->usriX_profile); ndr_print_string(ndr, "usriX_home_dir_drive", r->usriX_home_dir_drive); + ndr_print_uint32(ndr, "usriX_user_id", r->usriX_user_id); ndr_print_uint32(ndr, "usriX_primary_group_id", r->usriX_primary_group_id); + ndr_print_uint32(ndr, "usriX_password_expired", r->usriX_password_expired); ndr->depth--; } diff --git a/source3/librpc/gen_ndr/ndr_nbt.c b/source3/librpc/gen_ndr/ndr_nbt.c index 75667183a8..c02b539da5 100644 --- a/source3/librpc/gen_ndr/ndr_nbt.c +++ b/source3/librpc/gen_ndr/ndr_nbt.c @@ -77,13 +77,13 @@ _PUBLIC_ void ndr_print_nbt_name(struct ndr_print *ndr, const char *name, const ndr->depth--; } -static enum ndr_err_code ndr_push_nbt_qclass(struct ndr_push *ndr, int ndr_flags, enum nbt_qclass r) +_PUBLIC_ enum ndr_err_code ndr_push_nbt_qclass(struct ndr_push *ndr, int ndr_flags, enum nbt_qclass r) { NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r)); return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_qclass(struct ndr_pull *ndr, int ndr_flags, enum nbt_qclass *r) +_PUBLIC_ enum ndr_err_code ndr_pull_nbt_qclass(struct ndr_pull *ndr, int ndr_flags, enum nbt_qclass *r) { uint16_t v; NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); @@ -101,13 +101,13 @@ _PUBLIC_ void ndr_print_nbt_qclass(struct ndr_print *ndr, const char *name, enum ndr_print_enum(ndr, name, "ENUM", val, r); } -static enum ndr_err_code ndr_push_nbt_qtype(struct ndr_push *ndr, int ndr_flags, enum nbt_qtype r) +_PUBLIC_ enum ndr_err_code ndr_push_nbt_qtype(struct ndr_push *ndr, int ndr_flags, enum nbt_qtype r) { NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r)); return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_qtype(struct ndr_pull *ndr, int ndr_flags, enum nbt_qtype *r) +_PUBLIC_ enum ndr_err_code ndr_pull_nbt_qtype(struct ndr_pull *ndr, int ndr_flags, enum nbt_qtype *r) { uint16_t v; NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); @@ -496,7 +496,7 @@ _PUBLIC_ void ndr_print_nbt_rdata_data(struct ndr_print *ndr, const char *name, ndr->depth--; } -static enum ndr_err_code ndr_push_nbt_rdata(struct ndr_push *ndr, int ndr_flags, const union nbt_rdata *r) +_PUBLIC_ enum ndr_err_code ndr_push_nbt_rdata(struct ndr_push *ndr, int ndr_flags, const union nbt_rdata *r) { if (ndr_flags & NDR_SCALARS) { int level = ndr_push_get_switch_value(ndr, r); @@ -532,7 +532,7 @@ static enum ndr_err_code ndr_push_nbt_rdata(struct ndr_push *ndr, int ndr_flags, return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_rdata(struct ndr_pull *ndr, int ndr_flags, union nbt_rdata *r) +_PUBLIC_ enum ndr_err_code ndr_pull_nbt_rdata(struct ndr_pull *ndr, int ndr_flags, union nbt_rdata *r) { int level; level = ndr_pull_get_switch_value(ndr, r); @@ -589,27 +589,6 @@ _PUBLIC_ void ndr_print_nbt_rdata(struct ndr_print *ndr, const char *name, const } } -static enum ndr_err_code ndr_push_nbt_res_rec(struct ndr_push *ndr, int ndr_flags, const struct nbt_res_rec *r) -{ - { - uint32_t _flags_save_STRUCT = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_name(ndr, NDR_SCALARS, &r->name)); - NDR_CHECK(ndr_push_nbt_qtype(ndr, NDR_SCALARS, r->rr_type)); - NDR_CHECK(ndr_push_nbt_qclass(ndr, NDR_SCALARS, r->rr_class)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->ttl)); - NDR_CHECK(ndr_push_set_switch_value(ndr, &r->rdata, ((((r->rr_type) == NBT_QTYPE_NETBIOS) && talloc_check_name(ndr, "struct ndr_push") && ((r->rdata).data.length == 2))?0:r->rr_type))); - NDR_CHECK(ndr_push_nbt_rdata(ndr, NDR_SCALARS, &r->rdata)); - } - if (ndr_flags & NDR_BUFFERS) { - } - ndr->flags = _flags_save_STRUCT; - } - return NDR_ERR_SUCCESS; -} - static enum ndr_err_code ndr_pull_nbt_res_rec(struct ndr_pull *ndr, int ndr_flags, struct nbt_res_rec *r) { { @@ -621,7 +600,7 @@ static enum ndr_err_code ndr_pull_nbt_res_rec(struct ndr_pull *ndr, int ndr_flag NDR_CHECK(ndr_pull_nbt_qtype(ndr, NDR_SCALARS, &r->rr_type)); NDR_CHECK(ndr_pull_nbt_qclass(ndr, NDR_SCALARS, &r->rr_class)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ttl)); - NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->rdata, ((((r->rr_type) == NBT_QTYPE_NETBIOS) && talloc_check_name(ndr, "struct ndr_push") && ((r->rdata).data.length == 2))?0:r->rr_type))); + NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->rdata, r->rr_type)); NDR_CHECK(ndr_pull_nbt_rdata(ndr, NDR_SCALARS, &r->rdata)); } if (ndr_flags & NDR_BUFFERS) { @@ -642,7 +621,7 @@ _PUBLIC_ void ndr_print_nbt_res_rec(struct ndr_print *ndr, const char *name, con ndr_print_nbt_qtype(ndr, "rr_type", r->rr_type); ndr_print_nbt_qclass(ndr, "rr_class", r->rr_class); ndr_print_uint32(ndr, "ttl", r->ttl); - ndr_print_set_switch_value(ndr, &r->rdata, ((((r->rr_type) == NBT_QTYPE_NETBIOS) && talloc_check_name(ndr, "struct ndr_push") && ((r->rdata).data.length == 2))?0:r->rr_type)); + ndr_print_set_switch_value(ndr, &r->rdata, r->rr_type); ndr_print_nbt_rdata(ndr, "rdata", &r->rdata); ndr->depth--; ndr->flags = _flags_save_STRUCT; @@ -1548,13 +1527,138 @@ _PUBLIC_ void ndr_print_nbt_dgram_packet(struct ndr_print *ndr, const char *name } } -static enum ndr_err_code ndr_push_nbt_netlogon_command(struct ndr_push *ndr, int ndr_flags, enum nbt_netlogon_command r) +_PUBLIC_ enum ndr_err_code ndr_push_nbt_sockaddr(struct ndr_push *ndr, int ndr_flags, const struct nbt_sockaddr *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sockaddr_family)); + { + uint32_t _flags_save_ipv4address = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_BIGENDIAN); + NDR_CHECK(ndr_push_ipv4address(ndr, NDR_SCALARS, r->pdc_ip)); + ndr->flags = _flags_save_ipv4address; + } + { + uint32_t _flags_save_DATA_BLOB = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); + NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->remaining)); + ndr->flags = _flags_save_DATA_BLOB; + } + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_nbt_sockaddr(struct ndr_pull *ndr, int ndr_flags, struct nbt_sockaddr *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sockaddr_family)); + { + uint32_t _flags_save_ipv4address = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_BIGENDIAN); + NDR_CHECK(ndr_pull_ipv4address(ndr, NDR_SCALARS, &r->pdc_ip)); + ndr->flags = _flags_save_ipv4address; + } + { + uint32_t _flags_save_DATA_BLOB = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); + NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->remaining)); + ndr->flags = _flags_save_DATA_BLOB; + } + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_nbt_sockaddr(struct ndr_print *ndr, const char *name, const struct nbt_sockaddr *r) +{ + ndr_print_struct(ndr, name, "nbt_sockaddr"); + ndr->depth++; + ndr_print_uint32(ndr, "sockaddr_family", r->sockaddr_family); + ndr_print_ipv4address(ndr, "pdc_ip", r->pdc_ip); + ndr_print_DATA_BLOB(ndr, "remaining", r->remaining); + ndr->depth--; +} + +_PUBLIC_ size_t ndr_size_nbt_sockaddr(const struct nbt_sockaddr *r, int flags) +{ + return ndr_size_struct(r, flags, (ndr_push_flags_fn_t)ndr_push_nbt_sockaddr); +} + +_PUBLIC_ enum ndr_err_code ndr_push_nbt_server_type(struct ndr_push *ndr, int ndr_flags, uint32_t r) +{ + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r)); + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_nbt_server_type(struct ndr_pull *ndr, int ndr_flags, uint32_t *r) +{ + uint32_t v; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); + *r = v; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_nbt_server_type(struct ndr_print *ndr, const char *name, uint32_t r) +{ + ndr_print_uint32(ndr, name, r); + ndr->depth++; + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_PDC", NBT_SERVER_PDC, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_GC", NBT_SERVER_GC, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_LDAP", NBT_SERVER_LDAP, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_DS", NBT_SERVER_DS, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_KDC", NBT_SERVER_KDC, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_TIMESERV", NBT_SERVER_TIMESERV, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_CLOSEST", NBT_SERVER_CLOSEST, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_WRITABLE", NBT_SERVER_WRITABLE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_GOOD_TIMESERV", NBT_SERVER_GOOD_TIMESERV, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_NDNC", NBT_SERVER_NDNC, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_SELECT_SECRET_DOMAIN_6", NBT_SERVER_SELECT_SECRET_DOMAIN_6, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_FULL_SECRET_DOMAIN_6", NBT_SERVER_FULL_SECRET_DOMAIN_6, r); + ndr->depth--; +} + +_PUBLIC_ enum ndr_err_code ndr_push_netlogon_nt_version_flags(struct ndr_push *ndr, int ndr_flags, uint32_t r) +{ + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r)); + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_netlogon_nt_version_flags(struct ndr_pull *ndr, int ndr_flags, uint32_t *r) +{ + uint32_t v; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); + *r = v; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_netlogon_nt_version_flags(struct ndr_print *ndr, const char *name, uint32_t r) +{ + ndr_print_uint32(ndr, name, r); + ndr->depth++; + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_1", NETLOGON_NT_VERSION_1, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_5", NETLOGON_NT_VERSION_5, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_5EX", NETLOGON_NT_VERSION_5EX, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_5EX_WITH_IP", NETLOGON_NT_VERSION_5EX_WITH_IP, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_WITH_CLOSEST_SITE", NETLOGON_NT_VERSION_WITH_CLOSEST_SITE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_AVIOD_NT4EMUL", NETLOGON_NT_VERSION_AVIOD_NT4EMUL, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_PDC", NETLOGON_NT_VERSION_PDC, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_IP", NETLOGON_NT_VERSION_IP, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_LOCAL", NETLOGON_NT_VERSION_LOCAL, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_NT_VERSION_GC", NETLOGON_NT_VERSION_GC, r); + ndr->depth--; +} + +_PUBLIC_ enum ndr_err_code ndr_push_netlogon_command(struct ndr_push *ndr, int ndr_flags, enum netlogon_command r) { NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r)); return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_command(struct ndr_pull *ndr, int ndr_flags, enum nbt_netlogon_command *r) +_PUBLIC_ enum ndr_err_code ndr_pull_netlogon_command(struct ndr_pull *ndr, int ndr_flags, enum netlogon_command *r) { uint16_t v; NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); @@ -1562,260 +1666,370 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_command(struct ndr_pull *ndr, int return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_command(struct ndr_print *ndr, const char *name, enum nbt_netlogon_command r) +_PUBLIC_ void ndr_print_netlogon_command(struct ndr_print *ndr, const char *name, enum netlogon_command r) { const char *val = NULL; switch (r) { - case NETLOGON_QUERY_FOR_PDC: val = "NETLOGON_QUERY_FOR_PDC"; break; + case LOGON_PRIMARY_QUERY: val = "LOGON_PRIMARY_QUERY"; break; case NETLOGON_ANNOUNCE_UAS: val = "NETLOGON_ANNOUNCE_UAS"; break; case NETLOGON_RESPONSE_FROM_PDC: val = "NETLOGON_RESPONSE_FROM_PDC"; break; - case NETLOGON_QUERY_FOR_PDC2: val = "NETLOGON_QUERY_FOR_PDC2"; break; - case NETLOGON_RESPONSE_FROM_PDC2: val = "NETLOGON_RESPONSE_FROM_PDC2"; break; - case NETLOGON_RESPONSE_FROM_PDC_USER: val = "NETLOGON_RESPONSE_FROM_PDC_USER"; break; + case LOGON_SAM_LOGON_REQUEST: val = "LOGON_SAM_LOGON_REQUEST"; break; + case LOGON_SAM_LOGON_RESPONSE: val = "LOGON_SAM_LOGON_RESPONSE"; break; + case LOGON_SAM_LOGON_PAUSE_RESPONSE: val = "LOGON_SAM_LOGON_PAUSE_RESPONSE"; break; + case LOGON_SAM_LOGON_USER_UNKNOWN: val = "LOGON_SAM_LOGON_USER_UNKNOWN"; break; + case LOGON_SAM_LOGON_RESPONSE_EX: val = "LOGON_SAM_LOGON_RESPONSE_EX"; break; + case LOGON_SAM_LOGON_PAUSE_RESPONSE_EX: val = "LOGON_SAM_LOGON_PAUSE_RESPONSE_EX"; break; + case LOGON_SAM_LOGON_USER_UNKNOWN_EX: val = "LOGON_SAM_LOGON_USER_UNKNOWN_EX"; break; } ndr_print_enum(ndr, name, "ENUM", val, r); } -static enum ndr_err_code ndr_push_nbt_netlogon_version(struct ndr_push *ndr, int ndr_flags, uint32_t r) +_PUBLIC_ void ndr_print_NETLOGON_SAM_LOGON_REQUEST(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_REQUEST *r) +{ + ndr_print_struct(ndr, name, "NETLOGON_SAM_LOGON_REQUEST"); + ndr->depth++; + ndr_print_uint16(ndr, "request_count", r->request_count); + ndr_print_string(ndr, "computer_name", r->computer_name); + ndr_print_string(ndr, "user_name", r->user_name); + ndr_print_string(ndr, "mailslot_name", r->mailslot_name); + ndr_print_samr_AcctFlags(ndr, "acct_control", r->acct_control); + ndr_print_uint32(ndr, "sid_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_dom_sid0(&r->sid, ndr->flags):r->sid_size); + ndr_print_DATA_BLOB(ndr, "_pad", r->_pad); + ndr_print_dom_sid0(ndr, "sid", &r->sid); + ndr_print_netlogon_nt_version_flags(ndr, "nt_version", r->nt_version); + ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); + ndr_print_uint16(ndr, "lm20_token", r->lm20_token); + ndr->depth--; +} + +_PUBLIC_ enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE_NT40(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE_NT40 *r) { { - uint32_t _flags_save_BITMAP = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r)); - ndr->flags = _flags_save_BITMAP; + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command)); + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->server)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain)); + ndr->flags = _flags_save_string; + } + NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); + } + if (ndr_flags & NDR_BUFFERS) { + } + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_version(struct ndr_pull *ndr, int ndr_flags, uint32_t *r) +_PUBLIC_ enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_NT40(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE_NT40 *r) { - uint32_t v; { - uint32_t _flags_save_BITMAP = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); - *r = v; - ndr->flags = _flags_save_BITMAP; + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command)); + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->server)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain)); + ndr->flags = _flags_save_string; + } + NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); + } + if (ndr_flags & NDR_BUFFERS) { + } + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_version(struct ndr_print *ndr, const char *name, uint32_t r) +_PUBLIC_ void ndr_print_NETLOGON_SAM_LOGON_RESPONSE_NT40(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_RESPONSE_NT40 *r) { + ndr_print_struct(ndr, name, "NETLOGON_SAM_LOGON_RESPONSE_NT40"); { - uint32_t _flags_save_BITMAP = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN); - ndr_print_uint32(ndr, name, r); + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); ndr->depth++; - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_1", NETLOGON_VERSION_1, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_5", NETLOGON_VERSION_5, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_5EX", NETLOGON_VERSION_5EX, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_5EX_WITH_IP", NETLOGON_VERSION_5EX_WITH_IP, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_WITH_CLOSEST_SITE", NETLOGON_VERSION_WITH_CLOSEST_SITE, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_AVOID_NT4_EMUL", NETLOGON_VERSION_AVOID_NT4_EMUL, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_PDC", NETLOGON_VERSION_PDC, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_IP", NETLOGON_VERSION_IP, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_LOCAL", NETLOGON_VERSION_LOCAL, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETLOGON_VERSION_GC", NETLOGON_VERSION_GC, r); + ndr_print_netlogon_command(ndr, "command", r->command); + ndr_print_string(ndr, "server", r->server); + ndr_print_string(ndr, "user_name", r->user_name); + ndr_print_string(ndr, "domain", r->domain); + ndr_print_netlogon_nt_version_flags(ndr, "nt_version", r->nt_version); + ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); + ndr_print_uint16(ndr, "lm20_token", r->lm20_token); ndr->depth--; - ndr->flags = _flags_save_BITMAP; + ndr->flags = _flags_save_STRUCT; } } -static enum ndr_err_code ndr_push_nbt_netlogon_query_for_pdc(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_query_for_pdc *r) +_PUBLIC_ enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE *r) { - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->computer_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->mailslot_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_DATA_BLOB = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN2); - NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->_pad)); - ndr->flags = _flags_save_DATA_BLOB; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command)); + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->pdc_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain_name)); + ndr->flags = _flags_save_string; + } + NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); + NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->zero_uuid)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); + NDR_CHECK(ndr_push_ipv4address(ndr, NDR_SCALARS, r->pdc_ip)); + NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); + NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->unicode_name)); - ndr->flags = _flags_save_string; + if (ndr_flags & NDR_BUFFERS) { } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_query_for_pdc(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_query_for_pdc *r) +_PUBLIC_ enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE *r) { - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->computer_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->mailslot_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_DATA_BLOB = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN2); - NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->_pad)); - ndr->flags = _flags_save_DATA_BLOB; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command)); + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->pdc_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain_name)); + ndr->flags = _flags_save_string; + } + NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); + NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->zero_uuid)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); + NDR_CHECK(ndr_pull_ipv4address(ndr, NDR_SCALARS, &r->pdc_ip)); + NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); + NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->unicode_name)); - ndr->flags = _flags_save_string; + if (ndr_flags & NDR_BUFFERS) { } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_query_for_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc *r) +_PUBLIC_ void ndr_print_NETLOGON_SAM_LOGON_RESPONSE(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_RESPONSE *r) { - ndr_print_struct(ndr, name, "nbt_netlogon_query_for_pdc"); - ndr->depth++; - ndr_print_string(ndr, "computer_name", r->computer_name); - ndr_print_string(ndr, "mailslot_name", r->mailslot_name); - ndr_print_DATA_BLOB(ndr, "_pad", r->_pad); - ndr_print_string(ndr, "unicode_name", r->unicode_name); - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; + ndr_print_struct(ndr, name, "NETLOGON_SAM_LOGON_RESPONSE"); + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + ndr->depth++; + ndr_print_netlogon_command(ndr, "command", r->command); + ndr_print_string(ndr, "pdc_name", r->pdc_name); + ndr_print_string(ndr, "user_name", r->user_name); + ndr_print_string(ndr, "domain_name", r->domain_name); + ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); + ndr_print_GUID(ndr, "zero_uuid", &r->zero_uuid); + ndr_print_nbt_string(ndr, "forest", r->forest); + ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); + ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); + ndr_print_ipv4address(ndr, "pdc_ip", r->pdc_ip); + ndr_print_nbt_server_type(ndr, "server_type", r->server_type); + ndr_print_netlogon_nt_version_flags(ndr, "nt_version", r->nt_version); + ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); + ndr_print_uint16(ndr, "lm20_token", r->lm20_token); + ndr->depth--; + ndr->flags = _flags_save_STRUCT; + } } -static enum ndr_err_code ndr_push_nbt_netlogon_query_for_pdc2(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_query_for_pdc2 *r) +_PUBLIC_ enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE_EX *r) { - uint32_t cntr_unknown_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->request_count)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->computer_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->mailslot_name)); - ndr->flags = _flags_save_string; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz)); + NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); + NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site)); + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags))); + { + struct ndr_push *_ndr_sockaddr; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sockaddr, 0, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags))); + NDR_CHECK(ndr_push_nbt_sockaddr(_ndr_sockaddr, NDR_SCALARS, &r->sockaddr)); + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sockaddr, 0, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags))); + } + NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->next_closest_site)); + NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); } - for (cntr_unknown_0 = 0; cntr_unknown_0 < 2; cntr_unknown_0++) { - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown[cntr_unknown_0])); + if (ndr_flags & NDR_BUFFERS) { } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_query_for_pdc2(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_query_for_pdc2 *r) +_PUBLIC_ enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE_EX *r) { - uint32_t cntr_unknown_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->request_count)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->computer_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->mailslot_name)); - ndr->flags = _flags_save_string; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz)); + NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); + NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site)); + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sockaddr_size)); + { + struct ndr_pull *_ndr_sockaddr; + NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sockaddr, 0, r->sockaddr_size)); + NDR_CHECK(ndr_pull_nbt_sockaddr(_ndr_sockaddr, NDR_SCALARS, &r->sockaddr)); + NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sockaddr, 0, r->sockaddr_size)); + } + NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->next_closest_site)); + NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); } - for (cntr_unknown_0 = 0; cntr_unknown_0 < 2; cntr_unknown_0++) { - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown[cntr_unknown_0])); + if (ndr_flags & NDR_BUFFERS) { } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_query_for_pdc2(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc2 *r) +_PUBLIC_ void ndr_print_NETLOGON_SAM_LOGON_RESPONSE_EX(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_RESPONSE_EX *r) { - uint32_t cntr_unknown_0; - ndr_print_struct(ndr, name, "nbt_netlogon_query_for_pdc2"); - ndr->depth++; - ndr_print_uint16(ndr, "request_count", r->request_count); - ndr_print_string(ndr, "computer_name", r->computer_name); - ndr_print_string(ndr, "user_name", r->user_name); - ndr_print_string(ndr, "mailslot_name", r->mailslot_name); - ndr->print(ndr, "%s: ARRAY(%d)", "unknown", (int)2); - ndr->depth++; - for (cntr_unknown_0=0;cntr_unknown_0<2;cntr_unknown_0++) { - char *idx_0=NULL; - if (asprintf(&idx_0, "[%d]", cntr_unknown_0) != -1) { - ndr_print_uint32(ndr, "unknown", r->unknown[cntr_unknown_0]); - free(idx_0); - } + ndr_print_struct(ndr, name, "NETLOGON_SAM_LOGON_RESPONSE_EX"); + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + ndr->depth++; + ndr_print_netlogon_command(ndr, "command", r->command); + ndr_print_uint16(ndr, "sbz", r->sbz); + ndr_print_nbt_server_type(ndr, "server_type", r->server_type); + ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); + ndr_print_nbt_string(ndr, "forest", r->forest); + ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); + ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); + ndr_print_nbt_string(ndr, "domain", r->domain); + ndr_print_nbt_string(ndr, "pdc_name", r->pdc_name); + ndr_print_nbt_string(ndr, "user_name", r->user_name); + ndr_print_nbt_string(ndr, "server_site", r->server_site); + ndr_print_nbt_string(ndr, "client_site", r->client_site); + ndr_print_uint8(ndr, "sockaddr_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags):r->sockaddr_size); + ndr_print_nbt_sockaddr(ndr, "sockaddr", &r->sockaddr); + ndr_print_nbt_string(ndr, "next_closest_site", r->next_closest_site); + ndr_print_netlogon_nt_version_flags(ndr, "nt_version", r->nt_version); + ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); + ndr_print_uint16(ndr, "lm20_token", r->lm20_token); + ndr->depth--; + ndr->flags = _flags_save_STRUCT; } - ndr->depth--; - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; } -static enum ndr_err_code ndr_push_nbt_netlogon_response_from_pdc(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_response_from_pdc *r) +static enum ndr_err_code ndr_push_nbt_netlogon_query_for_pdc(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_query_for_pdc *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); { uint32_t _flags_save_string = ndr->flags; ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->pdc_name)); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->computer_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->mailslot_name)); ndr->flags = _flags_save_string; } { @@ -1827,16 +2041,10 @@ static enum ndr_err_code ndr_push_nbt_netlogon_response_from_pdc(struct ndr_push { uint32_t _flags_save_string = ndr->flags; ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->unicode_pdc_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain_name)); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->unicode_name)); ndr->flags = _flags_save_string; } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); + NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); } @@ -1845,14 +2053,20 @@ static enum ndr_err_code ndr_push_nbt_netlogon_response_from_pdc(struct ndr_push return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_response_from_pdc(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_response_from_pdc *r) +static enum ndr_err_code ndr_pull_nbt_netlogon_query_for_pdc(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_query_for_pdc *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 4)); { uint32_t _flags_save_string = ndr->flags; ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->pdc_name)); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->computer_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->mailslot_name)); ndr->flags = _flags_save_string; } { @@ -1864,16 +2078,10 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_response_from_pdc(struct ndr_pull { uint32_t _flags_save_string = ndr->flags; ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->unicode_pdc_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain_name)); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->unicode_name)); ndr->flags = _flags_save_string; } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); + NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); } @@ -1882,205 +2090,127 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_response_from_pdc(struct ndr_pull return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_response_from_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc *r) +_PUBLIC_ void ndr_print_nbt_netlogon_query_for_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc *r) { - ndr_print_struct(ndr, name, "nbt_netlogon_response_from_pdc"); + ndr_print_struct(ndr, name, "nbt_netlogon_query_for_pdc"); ndr->depth++; - ndr_print_string(ndr, "pdc_name", r->pdc_name); + ndr_print_string(ndr, "computer_name", r->computer_name); + ndr_print_string(ndr, "mailslot_name", r->mailslot_name); ndr_print_DATA_BLOB(ndr, "_pad", r->_pad); - ndr_print_string(ndr, "unicode_pdc_name", r->unicode_pdc_name); - ndr_print_string(ndr, "domain_name", r->domain_name); - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); + ndr_print_string(ndr, "unicode_name", r->unicode_name); + ndr_print_netlogon_nt_version_flags(ndr, "nt_version", r->nt_version); ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); ndr_print_uint16(ndr, "lm20_token", r->lm20_token); ndr->depth--; } -static enum ndr_err_code ndr_push_nbt_server_type(struct ndr_push *ndr, int ndr_flags, uint32_t r) -{ - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r)); - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_server_type(struct ndr_pull *ndr, int ndr_flags, uint32_t *r) -{ - uint32_t v; - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); - *r = v; - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_server_type(struct ndr_print *ndr, const char *name, uint32_t r) -{ - ndr_print_uint32(ndr, name, r); - ndr->depth++; - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_PDC", NBT_SERVER_PDC, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_GC", NBT_SERVER_GC, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_LDAP", NBT_SERVER_LDAP, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_DS", NBT_SERVER_DS, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_KDC", NBT_SERVER_KDC, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_TIMESERV", NBT_SERVER_TIMESERV, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_CLOSEST", NBT_SERVER_CLOSEST, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_WRITABLE", NBT_SERVER_WRITABLE, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_GOOD_TIMESERV", NBT_SERVER_GOOD_TIMESERV, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_NDNC", NBT_SERVER_NDNC, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_SELECT_SECRET_DOMAIN_6", NBT_SERVER_SELECT_SECRET_DOMAIN_6, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NBT_SERVER_FULL_SECRET_DOMAIN_6", NBT_SERVER_FULL_SECRET_DOMAIN_6, r); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_dc_sock_addr(struct ndr_push *ndr, int ndr_flags, const struct nbt_dc_sock_addr *r) +_PUBLIC_ enum ndr_err_code ndr_push_nbt_netlogon_response_from_pdc(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_response_from_pdc *r) { - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->family)); - { - uint32_t _flags_save_ipv4address = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_BIGENDIAN); - NDR_CHECK(ndr_push_ipv4address(ndr, NDR_SCALARS, r->pdc_ip)); - ndr->flags = _flags_save_ipv4address; - } - { - uint32_t _flags_save_DATA_BLOB = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); - NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->remaining)); - ndr->flags = _flags_save_DATA_BLOB; - } - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_dc_sock_addr(struct ndr_pull *ndr, int ndr_flags, struct nbt_dc_sock_addr *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->family)); - { - uint32_t _flags_save_ipv4address = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_BIGENDIAN); - NDR_CHECK(ndr_pull_ipv4address(ndr, NDR_SCALARS, &r->pdc_ip)); - ndr->flags = _flags_save_ipv4address; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command)); + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->pdc_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_DATA_BLOB = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN2); + NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->_pad)); + ndr->flags = _flags_save_DATA_BLOB; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->unicode_pdc_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain_name)); + ndr->flags = _flags_save_string; + } + NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); } - { - uint32_t _flags_save_DATA_BLOB = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); - NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->remaining)); - ndr->flags = _flags_save_DATA_BLOB; + if (ndr_flags & NDR_BUFFERS) { } - } - if (ndr_flags & NDR_BUFFERS) { + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_dc_sock_addr(struct ndr_print *ndr, const char *name, const struct nbt_dc_sock_addr *r) +_PUBLIC_ enum ndr_err_code ndr_pull_nbt_netlogon_response_from_pdc(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_response_from_pdc *r) { - ndr_print_struct(ndr, name, "nbt_dc_sock_addr"); - ndr->depth++; - ndr_print_uint32(ndr, "family", r->family); - ndr_print_ipv4address(ndr, "pdc_ip", r->pdc_ip); - ndr_print_DATA_BLOB(ndr, "remaining", r->remaining); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_netlogon_response_from_pdc2(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_response_from_pdc2 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - { - uint32_t _flags_save_DATA_BLOB = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN4); - NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->_pad)); - ndr->flags = _flags_save_DATA_BLOB; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command)); + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->pdc_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_DATA_BLOB = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN2); + NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->_pad)); + ndr->flags = _flags_save_DATA_BLOB; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->unicode_pdc_name)); + ndr->flags = _flags_save_string; + } + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain_name)); + ndr->flags = _flags_save_string; + } + NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); } - NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->dc_sock_addr_size)); - { - struct ndr_push *_ndr_dc_sock_addr; - NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - NDR_CHECK(ndr_push_nbt_dc_sock_addr(_ndr_dc_sock_addr, NDR_SCALARS, &r->dc_sock_addr)); - NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); + if (ndr_flags & NDR_BUFFERS) { } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { + ndr->flags = _flags_save_STRUCT; } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_response_from_pdc2(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_response_from_pdc2 *r) +_PUBLIC_ void ndr_print_nbt_netlogon_response_from_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc *r) { - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - { - uint32_t _flags_save_DATA_BLOB = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN4); - NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->_pad)); - ndr->flags = _flags_save_DATA_BLOB; - } - NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->dc_sock_addr_size)); - { - struct ndr_pull *_ndr_dc_sock_addr; - NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - NDR_CHECK(ndr_pull_nbt_dc_sock_addr(_ndr_dc_sock_addr, NDR_SCALARS, &r->dc_sock_addr)); - NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { + ndr_print_struct(ndr, name, "nbt_netlogon_response_from_pdc"); + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); + ndr->depth++; + ndr_print_netlogon_command(ndr, "command", r->command); + ndr_print_string(ndr, "pdc_name", r->pdc_name); + ndr_print_DATA_BLOB(ndr, "_pad", r->_pad); + ndr_print_string(ndr, "unicode_pdc_name", r->unicode_pdc_name); + ndr_print_string(ndr, "domain_name", r->domain_name); + ndr_print_netlogon_nt_version_flags(ndr, "nt_version", r->nt_version); + ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); + ndr_print_uint16(ndr, "lm20_token", r->lm20_token); + ndr->depth--; + ndr->flags = _flags_save_STRUCT; } - return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_response_from_pdc2(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc2 *r) -{ - ndr_print_struct(ndr, name, "nbt_netlogon_response_from_pdc2"); - ndr->depth++; - ndr_print_DATA_BLOB(ndr, "_pad", r->_pad); - ndr_print_nbt_server_type(ndr, "server_type", r->server_type); - ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); - ndr_print_nbt_string(ndr, "forest", r->forest); - ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); - ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); - ndr_print_nbt_string(ndr, "domain", r->domain); - ndr_print_nbt_string(ndr, "pdc_name", r->pdc_name); - ndr_print_nbt_string(ndr, "user_name", r->user_name); - ndr_print_nbt_string(ndr, "server_site", r->server_site); - ndr_print_nbt_string(ndr, "client_site", r->client_site); - ndr_print_uint8(ndr, "dc_sock_addr_size", r->dc_sock_addr_size); - ndr_print_nbt_dc_sock_addr(ndr, "dc_sock_addr", &r->dc_sock_addr); - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_db_change(struct ndr_push *ndr, int ndr_flags, const struct nbt_db_change *r) +static enum ndr_err_code ndr_push_nbt_db_change_info(struct ndr_push *ndr, int ndr_flags, const struct nbt_db_change_info *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 8)); @@ -2093,7 +2223,7 @@ static enum ndr_err_code ndr_push_nbt_db_change(struct ndr_push *ndr, int ndr_fl return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_db_change(struct ndr_pull *ndr, int ndr_flags, struct nbt_db_change *r) +static enum ndr_err_code ndr_pull_nbt_db_change_info(struct ndr_pull *ndr, int ndr_flags, struct nbt_db_change_info *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 8)); @@ -2106,9 +2236,9 @@ static enum ndr_err_code ndr_pull_nbt_db_change(struct ndr_pull *ndr, int ndr_fl return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_db_change(struct ndr_print *ndr, const char *name, const struct nbt_db_change *r) +_PUBLIC_ void ndr_print_nbt_db_change_info(struct ndr_print *ndr, const char *name, const struct nbt_db_change_info *r) { - ndr_print_struct(ndr, name, "nbt_db_change"); + ndr_print_struct(ndr, name, "nbt_db_change_info"); ndr->depth++; ndr_print_netr_SamDatabaseID(ndr, "db_index", r->db_index); ndr_print_hyper(ndr, "serial", r->serial); @@ -2116,7 +2246,7 @@ _PUBLIC_ void ndr_print_nbt_db_change(struct ndr_print *ndr, const char *name, c ndr->depth--; } -static enum ndr_err_code ndr_push_nbt_netlogon_announce_uas(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_announce_uas *r) +static enum ndr_err_code ndr_push_NETLOGON_DB_CHANGE(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_DB_CHANGE *r) { uint32_t cntr_dbchange_0; if (ndr_flags & NDR_SCALARS) { @@ -2157,7 +2287,7 @@ static enum ndr_err_code ndr_push_nbt_netlogon_announce_uas(struct ndr_push *ndr } NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->db_count)); for (cntr_dbchange_0 = 0; cntr_dbchange_0 < r->db_count; cntr_dbchange_0++) { - NDR_CHECK(ndr_push_nbt_db_change(ndr, NDR_SCALARS, &r->dbchange[cntr_dbchange_0])); + NDR_CHECK(ndr_push_nbt_db_change_info(ndr, NDR_SCALARS, &r->dbchange[cntr_dbchange_0])); } NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_dom_sid0(&r->sid, ndr->flags))); { @@ -2166,16 +2296,15 @@ static enum ndr_err_code ndr_push_nbt_netlogon_announce_uas(struct ndr_push *ndr NDR_CHECK(ndr_push_dom_sid0(_ndr_sid, NDR_SCALARS|NDR_BUFFERS, &r->sid)); NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sid, 0, ndr_size_dom_sid0(&r->sid, ndr->flags))); } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->message_format_version)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->message_token)); } if (ndr_flags & NDR_BUFFERS) { } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_nbt_netlogon_announce_uas(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_announce_uas *r) +static enum ndr_err_code ndr_pull_NETLOGON_DB_CHANGE(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_DB_CHANGE *r) { uint32_t cntr_dbchange_0; TALLOC_CTX *_mem_save_dbchange_0; @@ -2220,7 +2349,7 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_announce_uas(struct ndr_pull *ndr _mem_save_dbchange_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->dbchange, 0); for (cntr_dbchange_0 = 0; cntr_dbchange_0 < r->db_count; cntr_dbchange_0++) { - NDR_CHECK(ndr_pull_nbt_db_change(ndr, NDR_SCALARS, &r->dbchange[cntr_dbchange_0])); + NDR_CHECK(ndr_pull_nbt_db_change_info(ndr, NDR_SCALARS, &r->dbchange[cntr_dbchange_0])); } NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dbchange_0, 0); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sid_size)); @@ -2230,19 +2359,18 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_announce_uas(struct ndr_pull *ndr NDR_CHECK(ndr_pull_dom_sid0(_ndr_sid, NDR_SCALARS|NDR_BUFFERS, &r->sid)); NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sid, 0, r->sid_size)); } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->message_format_version)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->message_token)); } if (ndr_flags & NDR_BUFFERS) { } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_nbt_netlogon_announce_uas(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_announce_uas *r) +_PUBLIC_ void ndr_print_NETLOGON_DB_CHANGE(struct ndr_print *ndr, const char *name, const struct NETLOGON_DB_CHANGE *r) { uint32_t cntr_dbchange_0; - ndr_print_struct(ndr, name, "nbt_netlogon_announce_uas"); + ndr_print_struct(ndr, name, "NETLOGON_DB_CHANGE"); ndr->depth++; ndr_print_uint32(ndr, "serial_lo", r->serial_lo); ndr_print_time_t(ndr, "timestamp", r->timestamp); @@ -2259,16 +2387,15 @@ _PUBLIC_ void ndr_print_nbt_netlogon_announce_uas(struct ndr_print *ndr, const c for (cntr_dbchange_0=0;cntr_dbchange_0<r->db_count;cntr_dbchange_0++) { char *idx_0=NULL; if (asprintf(&idx_0, "[%d]", cntr_dbchange_0) != -1) { - ndr_print_nbt_db_change(ndr, "dbchange", &r->dbchange[cntr_dbchange_0]); + ndr_print_nbt_db_change_info(ndr, "dbchange", &r->dbchange[cntr_dbchange_0]); free(idx_0); } } ndr->depth--; ndr_print_uint32(ndr, "sid_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_dom_sid0(&r->sid, ndr->flags):r->sid_size); ndr_print_dom_sid0(ndr, "sid", &r->sid); - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); + ndr_print_uint32(ndr, "message_format_version", r->message_format_version); + ndr_print_uint32(ndr, "message_token", r->message_token); ndr->depth--; } @@ -2277,28 +2404,16 @@ static enum ndr_err_code ndr_push_nbt_netlogon_request(struct ndr_push *ndr, int if (ndr_flags & NDR_SCALARS) { int level = ndr_push_get_switch_value(ndr, r); switch (level) { - case NETLOGON_QUERY_FOR_PDC: { - NDR_CHECK(ndr_push_nbt_netlogon_query_for_pdc(ndr, NDR_SCALARS, &r->pdc)); + case LOGON_SAM_LOGON_REQUEST: { + NDR_CHECK(ndr_push_NETLOGON_SAM_LOGON_REQUEST(ndr, NDR_SCALARS, &r->logon)); break; } - case NETLOGON_QUERY_FOR_PDC2: { - NDR_CHECK(ndr_push_nbt_netlogon_query_for_pdc2(ndr, NDR_SCALARS, &r->pdc2)); + case LOGON_PRIMARY_QUERY: { + NDR_CHECK(ndr_push_nbt_netlogon_query_for_pdc(ndr, NDR_SCALARS, &r->pdc)); break; } case NETLOGON_ANNOUNCE_UAS: { - NDR_CHECK(ndr_push_nbt_netlogon_announce_uas(ndr, NDR_SCALARS, &r->uas)); - break; } - - case NETLOGON_RESPONSE_FROM_PDC: { - NDR_CHECK(ndr_push_nbt_netlogon_response_from_pdc(ndr, NDR_SCALARS, &r->response)); - break; } - - case NETLOGON_RESPONSE_FROM_PDC2: { - NDR_CHECK(ndr_push_nbt_netlogon_response_from_pdc2(ndr, NDR_SCALARS, &r->response2)); - break; } - - case NETLOGON_RESPONSE_FROM_PDC_USER: { - NDR_CHECK(ndr_push_nbt_netlogon_response_from_pdc2(ndr, NDR_SCALARS, &r->response2)); + NDR_CHECK(ndr_push_NETLOGON_DB_CHANGE(ndr, NDR_SCALARS, &r->uas)); break; } default: @@ -2308,23 +2423,15 @@ static enum ndr_err_code ndr_push_nbt_netlogon_request(struct ndr_push *ndr, int if (ndr_flags & NDR_BUFFERS) { int level = ndr_push_get_switch_value(ndr, r); switch (level) { - case NETLOGON_QUERY_FOR_PDC: + case LOGON_SAM_LOGON_REQUEST: + NDR_CHECK(ndr_push_NETLOGON_SAM_LOGON_REQUEST(ndr, NDR_BUFFERS, &r->logon)); break; - case NETLOGON_QUERY_FOR_PDC2: + case LOGON_PRIMARY_QUERY: break; case NETLOGON_ANNOUNCE_UAS: - NDR_CHECK(ndr_push_nbt_netlogon_announce_uas(ndr, NDR_BUFFERS, &r->uas)); - break; - - case NETLOGON_RESPONSE_FROM_PDC: - break; - - case NETLOGON_RESPONSE_FROM_PDC2: - break; - - case NETLOGON_RESPONSE_FROM_PDC_USER: + NDR_CHECK(ndr_push_NETLOGON_DB_CHANGE(ndr, NDR_BUFFERS, &r->uas)); break; default: @@ -2340,28 +2447,16 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_request(struct ndr_pull *ndr, int level = ndr_pull_get_switch_value(ndr, r); if (ndr_flags & NDR_SCALARS) { switch (level) { - case NETLOGON_QUERY_FOR_PDC: { - NDR_CHECK(ndr_pull_nbt_netlogon_query_for_pdc(ndr, NDR_SCALARS, &r->pdc)); + case LOGON_SAM_LOGON_REQUEST: { + NDR_CHECK(ndr_pull_NETLOGON_SAM_LOGON_REQUEST(ndr, NDR_SCALARS, &r->logon)); break; } - case NETLOGON_QUERY_FOR_PDC2: { - NDR_CHECK(ndr_pull_nbt_netlogon_query_for_pdc2(ndr, NDR_SCALARS, &r->pdc2)); + case LOGON_PRIMARY_QUERY: { + NDR_CHECK(ndr_pull_nbt_netlogon_query_for_pdc(ndr, NDR_SCALARS, &r->pdc)); break; } case NETLOGON_ANNOUNCE_UAS: { - NDR_CHECK(ndr_pull_nbt_netlogon_announce_uas(ndr, NDR_SCALARS, &r->uas)); - break; } - - case NETLOGON_RESPONSE_FROM_PDC: { - NDR_CHECK(ndr_pull_nbt_netlogon_response_from_pdc(ndr, NDR_SCALARS, &r->response)); - break; } - - case NETLOGON_RESPONSE_FROM_PDC2: { - NDR_CHECK(ndr_pull_nbt_netlogon_response_from_pdc2(ndr, NDR_SCALARS, &r->response2)); - break; } - - case NETLOGON_RESPONSE_FROM_PDC_USER: { - NDR_CHECK(ndr_pull_nbt_netlogon_response_from_pdc2(ndr, NDR_SCALARS, &r->response2)); + NDR_CHECK(ndr_pull_NETLOGON_DB_CHANGE(ndr, NDR_SCALARS, &r->uas)); break; } default: @@ -2370,23 +2465,15 @@ static enum ndr_err_code ndr_pull_nbt_netlogon_request(struct ndr_pull *ndr, int } if (ndr_flags & NDR_BUFFERS) { switch (level) { - case NETLOGON_QUERY_FOR_PDC: + case LOGON_SAM_LOGON_REQUEST: + NDR_CHECK(ndr_pull_NETLOGON_SAM_LOGON_REQUEST(ndr, NDR_BUFFERS, &r->logon)); break; - case NETLOGON_QUERY_FOR_PDC2: + case LOGON_PRIMARY_QUERY: break; case NETLOGON_ANNOUNCE_UAS: - NDR_CHECK(ndr_pull_nbt_netlogon_announce_uas(ndr, NDR_BUFFERS, &r->uas)); - break; - - case NETLOGON_RESPONSE_FROM_PDC: - break; - - case NETLOGON_RESPONSE_FROM_PDC2: - break; - - case NETLOGON_RESPONSE_FROM_PDC_USER: + NDR_CHECK(ndr_pull_NETLOGON_DB_CHANGE(ndr, NDR_BUFFERS, &r->uas)); break; default: @@ -2402,28 +2489,16 @@ _PUBLIC_ void ndr_print_nbt_netlogon_request(struct ndr_print *ndr, const char * level = ndr_print_get_switch_value(ndr, r); ndr_print_union(ndr, name, level, "nbt_netlogon_request"); switch (level) { - case NETLOGON_QUERY_FOR_PDC: - ndr_print_nbt_netlogon_query_for_pdc(ndr, "pdc", &r->pdc); + case LOGON_SAM_LOGON_REQUEST: + ndr_print_NETLOGON_SAM_LOGON_REQUEST(ndr, "logon", &r->logon); break; - case NETLOGON_QUERY_FOR_PDC2: - ndr_print_nbt_netlogon_query_for_pdc2(ndr, "pdc2", &r->pdc2); + case LOGON_PRIMARY_QUERY: + ndr_print_nbt_netlogon_query_for_pdc(ndr, "pdc", &r->pdc); break; case NETLOGON_ANNOUNCE_UAS: - ndr_print_nbt_netlogon_announce_uas(ndr, "uas", &r->uas); - break; - - case NETLOGON_RESPONSE_FROM_PDC: - ndr_print_nbt_netlogon_response_from_pdc(ndr, "response", &r->response); - break; - - case NETLOGON_RESPONSE_FROM_PDC2: - ndr_print_nbt_netlogon_response_from_pdc2(ndr, "response2", &r->response2); - break; - - case NETLOGON_RESPONSE_FROM_PDC_USER: - ndr_print_nbt_netlogon_response_from_pdc2(ndr, "response2", &r->response2); + ndr_print_NETLOGON_DB_CHANGE(ndr, "uas", &r->uas); break; default: @@ -2438,7 +2513,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_nbt_netlogon_packet(struct ndr_push *ndr, in ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 8)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->command)); + NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command)); NDR_CHECK(ndr_push_set_switch_value(ndr, &r->req, r->command)); NDR_CHECK(ndr_push_nbt_netlogon_request(ndr, NDR_SCALARS, &r->req)); } @@ -2457,7 +2532,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_nbt_netlogon_packet(struct ndr_pull *ndr, in ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 8)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->command)); + NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command)); NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->req, r->command)); NDR_CHECK(ndr_pull_nbt_netlogon_request(ndr, NDR_SCALARS, &r->req)); } @@ -2476,7 +2551,7 @@ _PUBLIC_ void ndr_print_nbt_netlogon_packet(struct ndr_print *ndr, const char *n uint32_t _flags_save_STRUCT = ndr->flags; ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "command", r->command); + ndr_print_netlogon_command(ndr, "command", r->command); ndr_print_set_switch_value(ndr, &r->req, r->command); ndr_print_nbt_netlogon_request(ndr, "req", &r->req); ndr->depth--; @@ -2484,1524 +2559,6 @@ _PUBLIC_ void ndr_print_nbt_netlogon_packet(struct ndr_print *ndr, const char *n } } -static enum ndr_err_code ndr_push_nbt_cldap_netlogon_1(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_1 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->type)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->pdc_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain_name)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, 1)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_cldap_netlogon_1(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_1 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->type)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->pdc_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain_name)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_1(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_1 *r) -{ - ndr_print_struct(ndr, name, "nbt_cldap_netlogon_1"); - ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "type", r->type); - ndr_print_string(ndr, "pdc_name", r->pdc_name); - ndr_print_string(ndr, "user_name", r->user_name); - ndr_print_string(ndr, "domain_name", r->domain_name); - ndr_print_nbt_netlogon_version(ndr, "nt_version", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?1:r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_cldap_netlogon_3(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_3 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->type)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->pdc_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain_name)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->unknown_uuid)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); - NDR_CHECK(ndr_push_ipv4address(ndr, NDR_SCALARS, r->pdc_ip)); - NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, 3)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_cldap_netlogon_3(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_3 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->type)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->pdc_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain_name)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->unknown_uuid)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); - NDR_CHECK(ndr_pull_ipv4address(ndr, NDR_SCALARS, &r->pdc_ip)); - NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_3(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_3 *r) -{ - ndr_print_struct(ndr, name, "nbt_cldap_netlogon_3"); - ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "type", r->type); - ndr_print_string(ndr, "pdc_name", r->pdc_name); - ndr_print_string(ndr, "user_name", r->user_name); - ndr_print_string(ndr, "domain_name", r->domain_name); - ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); - ndr_print_GUID(ndr, "unknown_uuid", &r->unknown_uuid); - ndr_print_nbt_string(ndr, "forest", r->forest); - ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); - ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); - ndr_print_ipv4address(ndr, "pdc_ip", r->pdc_ip); - ndr_print_nbt_server_type(ndr, "server_type", r->server_type); - ndr_print_nbt_netlogon_version(ndr, "nt_version", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?3:r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon_5(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_5 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->type)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz)); - NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site)); - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, 5)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon_5(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_5 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->type)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz)); - NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site)); - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_5(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_5 *r) -{ - ndr_print_struct(ndr, name, "nbt_cldap_netlogon_5"); - ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "type", r->type); - ndr_print_uint16(ndr, "sbz", r->sbz); - ndr_print_nbt_server_type(ndr, "server_type", r->server_type); - ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); - ndr_print_nbt_string(ndr, "forest", r->forest); - ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); - ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); - ndr_print_nbt_string(ndr, "domain", r->domain); - ndr_print_nbt_string(ndr, "pdc_name", r->pdc_name); - ndr_print_nbt_string(ndr, "user_name", r->user_name); - ndr_print_nbt_string(ndr, "server_site", r->server_site); - ndr_print_nbt_string(ndr, "client_site", r->client_site); - ndr_print_nbt_netlogon_version(ndr, "nt_version", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?5:r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_cldap_netlogon_13(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_13 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->type)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz)); - NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->dc_sock_addr_size)); - { - struct ndr_push *_ndr_dc_sock_addr; - NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - NDR_CHECK(ndr_push_nbt_dc_sock_addr(_ndr_dc_sock_addr, NDR_SCALARS, &r->dc_sock_addr)); - NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, 13)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_cldap_netlogon_13(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_13 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->type)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz)); - NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->dc_sock_addr_size)); - { - struct ndr_pull *_ndr_dc_sock_addr; - NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - NDR_CHECK(ndr_pull_nbt_dc_sock_addr(_ndr_dc_sock_addr, NDR_SCALARS, &r->dc_sock_addr)); - NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_13(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_13 *r) -{ - ndr_print_struct(ndr, name, "nbt_cldap_netlogon_13"); - ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "type", r->type); - ndr_print_uint16(ndr, "sbz", r->sbz); - ndr_print_nbt_server_type(ndr, "server_type", r->server_type); - ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); - ndr_print_nbt_string(ndr, "forest", r->forest); - ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); - ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); - ndr_print_nbt_string(ndr, "domain", r->domain); - ndr_print_nbt_string(ndr, "pdc_name", r->pdc_name); - ndr_print_nbt_string(ndr, "user_name", r->user_name); - ndr_print_nbt_string(ndr, "server_site", r->server_site); - ndr_print_nbt_string(ndr, "client_site", r->client_site); - ndr_print_uint8(ndr, "dc_sock_addr_size", r->dc_sock_addr_size); - ndr_print_nbt_dc_sock_addr(ndr, "dc_sock_addr", &r->dc_sock_addr); - ndr_print_nbt_netlogon_version(ndr, "nt_version", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?13:r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon_15(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_15 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->type)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz)); - NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->next_closest_site)); - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, 15)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon_15(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_15 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->type)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz)); - NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->next_closest_site)); - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_15(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_15 *r) -{ - ndr_print_struct(ndr, name, "nbt_cldap_netlogon_15"); - ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "type", r->type); - ndr_print_uint16(ndr, "sbz", r->sbz); - ndr_print_nbt_server_type(ndr, "server_type", r->server_type); - ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); - ndr_print_nbt_string(ndr, "forest", r->forest); - ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); - ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); - ndr_print_nbt_string(ndr, "domain", r->domain); - ndr_print_nbt_string(ndr, "pdc_name", r->pdc_name); - ndr_print_nbt_string(ndr, "user_name", r->user_name); - ndr_print_nbt_string(ndr, "server_site", r->server_site); - ndr_print_nbt_string(ndr, "client_site", r->client_site); - ndr_print_nbt_string(ndr, "next_closest_site", r->next_closest_site); - ndr_print_nbt_netlogon_version(ndr, "nt_version", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?15:r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon_29(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_29 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_netlogon_command(ndr, NDR_SCALARS, r->type)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz)); - NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type)); - NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site)); - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->dc_sock_addr_size)); - { - struct ndr_push *_ndr_dc_sock_addr; - NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - NDR_CHECK(ndr_push_nbt_dc_sock_addr(_ndr_dc_sock_addr, NDR_SCALARS, &r->dc_sock_addr)); - NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - } - NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->next_closest_site)); - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, 29)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon_29(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_29 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_netlogon_command(ndr, NDR_SCALARS, &r->type)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz)); - NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type)); - NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site)); - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->dc_sock_addr_size)); - { - struct ndr_pull *_ndr_dc_sock_addr; - NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - NDR_CHECK(ndr_pull_nbt_dc_sock_addr(_ndr_dc_sock_addr, NDR_SCALARS, &r->dc_sock_addr)); - NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_dc_sock_addr, 0, r->dc_sock_addr_size)); - } - NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->next_closest_site)); - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon_29(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_29 *r) -{ - ndr_print_struct(ndr, name, "nbt_cldap_netlogon_29"); - ndr->depth++; - ndr_print_nbt_netlogon_command(ndr, "type", r->type); - ndr_print_uint16(ndr, "sbz", r->sbz); - ndr_print_nbt_server_type(ndr, "server_type", r->server_type); - ndr_print_GUID(ndr, "domain_uuid", &r->domain_uuid); - ndr_print_nbt_string(ndr, "forest", r->forest); - ndr_print_nbt_string(ndr, "dns_domain", r->dns_domain); - ndr_print_nbt_string(ndr, "pdc_dns_name", r->pdc_dns_name); - ndr_print_nbt_string(ndr, "domain", r->domain); - ndr_print_nbt_string(ndr, "pdc_name", r->pdc_name); - ndr_print_nbt_string(ndr, "user_name", r->user_name); - ndr_print_nbt_string(ndr, "server_site", r->server_site); - ndr_print_nbt_string(ndr, "client_site", r->client_site); - ndr_print_uint8(ndr, "dc_sock_addr_size", r->dc_sock_addr_size); - ndr_print_nbt_dc_sock_addr(ndr, "dc_sock_addr", &r->dc_sock_addr); - ndr_print_nbt_string(ndr, "next_closest_site", r->next_closest_site); - ndr_print_nbt_netlogon_version(ndr, "nt_version", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?29:r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -_PUBLIC_ enum ndr_err_code ndr_push_nbt_cldap_netlogon(struct ndr_push *ndr, int ndr_flags, const union nbt_cldap_netlogon *r) -{ - { - uint32_t _flags_save_UNION = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); - if (ndr_flags & NDR_SCALARS) { - int level = ndr_push_get_switch_value(ndr, r); - switch (level) { - case 0: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 1: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 2: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 3: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 4: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 5: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 6: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 7: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 8: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 9: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 10: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 11: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 12: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 13: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 14: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 15: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 16: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 17: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 18: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 19: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 20: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 21: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 22: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 23: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 24: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 25: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 26: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 27: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 28: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 29: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_29(ndr, NDR_SCALARS, &r->logon29)); - break; } - - case 30: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_29(ndr, NDR_SCALARS, &r->logon29)); - break; } - - case 31: { - NDR_CHECK(ndr_push_nbt_cldap_netlogon_29(ndr, NDR_SCALARS, &r->logon29)); - break; } - - default: - return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - if (ndr_flags & NDR_BUFFERS) { - int level = ndr_push_get_switch_value(ndr, r); - switch (level) { - case 0: - break; - - case 1: - break; - - case 2: - break; - - case 3: - break; - - case 4: - break; - - case 5: - break; - - case 6: - break; - - case 7: - break; - - case 8: - break; - - case 9: - break; - - case 10: - break; - - case 11: - break; - - case 12: - break; - - case 13: - break; - - case 14: - break; - - case 15: - break; - - case 16: - break; - - case 17: - break; - - case 18: - break; - - case 19: - break; - - case 20: - break; - - case 21: - break; - - case 22: - break; - - case 23: - break; - - case 24: - break; - - case 25: - break; - - case 26: - break; - - case 27: - break; - - case 28: - break; - - case 29: - break; - - case 30: - break; - - case 31: - break; - - default: - return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - ndr->flags = _flags_save_UNION; - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_cldap_netlogon(struct ndr_pull *ndr, int ndr_flags, union nbt_cldap_netlogon *r) -{ - int level; - { - uint32_t _flags_save_UNION = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); - level = ndr_pull_get_switch_value(ndr, r); - if (ndr_flags & NDR_SCALARS) { - switch (level) { - case 0: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 1: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 2: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 3: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 4: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 5: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 6: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 7: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_5(ndr, NDR_SCALARS, &r->logon5)); - break; } - - case 8: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 9: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 10: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 11: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 12: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 13: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 14: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 15: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_13(ndr, NDR_SCALARS, &r->logon13)); - break; } - - case 16: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 17: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_1(ndr, NDR_SCALARS, &r->logon1)); - break; } - - case 18: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 19: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_3(ndr, NDR_SCALARS, &r->logon3)); - break; } - - case 20: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 21: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 22: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 23: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 24: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 25: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 26: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 27: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 28: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_15(ndr, NDR_SCALARS, &r->logon15)); - break; } - - case 29: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_29(ndr, NDR_SCALARS, &r->logon29)); - break; } - - case 30: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_29(ndr, NDR_SCALARS, &r->logon29)); - break; } - - case 31: { - NDR_CHECK(ndr_pull_nbt_cldap_netlogon_29(ndr, NDR_SCALARS, &r->logon29)); - break; } - - default: - return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - if (ndr_flags & NDR_BUFFERS) { - switch (level) { - case 0: - break; - - case 1: - break; - - case 2: - break; - - case 3: - break; - - case 4: - break; - - case 5: - break; - - case 6: - break; - - case 7: - break; - - case 8: - break; - - case 9: - break; - - case 10: - break; - - case 11: - break; - - case 12: - break; - - case 13: - break; - - case 14: - break; - - case 15: - break; - - case 16: - break; - - case 17: - break; - - case 18: - break; - - case 19: - break; - - case 20: - break; - - case 21: - break; - - case 22: - break; - - case 23: - break; - - case 24: - break; - - case 25: - break; - - case 26: - break; - - case 27: - break; - - case 28: - break; - - case 29: - break; - - case 30: - break; - - case 31: - break; - - default: - return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - ndr->flags = _flags_save_UNION; - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_cldap_netlogon(struct ndr_print *ndr, const char *name, const union nbt_cldap_netlogon *r) -{ - int level; - { - uint32_t _flags_save_UNION = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); - level = ndr_print_get_switch_value(ndr, r); - ndr_print_union(ndr, name, level, "nbt_cldap_netlogon"); - switch (level) { - case 0: - ndr_print_nbt_cldap_netlogon_1(ndr, "logon1", &r->logon1); - break; - - case 1: - ndr_print_nbt_cldap_netlogon_1(ndr, "logon1", &r->logon1); - break; - - case 2: - ndr_print_nbt_cldap_netlogon_3(ndr, "logon3", &r->logon3); - break; - - case 3: - ndr_print_nbt_cldap_netlogon_3(ndr, "logon3", &r->logon3); - break; - - case 4: - ndr_print_nbt_cldap_netlogon_5(ndr, "logon5", &r->logon5); - break; - - case 5: - ndr_print_nbt_cldap_netlogon_5(ndr, "logon5", &r->logon5); - break; - - case 6: - ndr_print_nbt_cldap_netlogon_5(ndr, "logon5", &r->logon5); - break; - - case 7: - ndr_print_nbt_cldap_netlogon_5(ndr, "logon5", &r->logon5); - break; - - case 8: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 9: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 10: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 11: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 12: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 13: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 14: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 15: - ndr_print_nbt_cldap_netlogon_13(ndr, "logon13", &r->logon13); - break; - - case 16: - ndr_print_nbt_cldap_netlogon_1(ndr, "logon1", &r->logon1); - break; - - case 17: - ndr_print_nbt_cldap_netlogon_1(ndr, "logon1", &r->logon1); - break; - - case 18: - ndr_print_nbt_cldap_netlogon_3(ndr, "logon3", &r->logon3); - break; - - case 19: - ndr_print_nbt_cldap_netlogon_3(ndr, "logon3", &r->logon3); - break; - - case 20: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 21: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 22: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 23: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 24: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 25: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 26: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 27: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 28: - ndr_print_nbt_cldap_netlogon_15(ndr, "logon15", &r->logon15); - break; - - case 29: - ndr_print_nbt_cldap_netlogon_29(ndr, "logon29", &r->logon29); - break; - - case 30: - ndr_print_nbt_cldap_netlogon_29(ndr, "logon29", &r->logon29); - break; - - case 31: - ndr_print_nbt_cldap_netlogon_29(ndr, "logon29", &r->logon29); - break; - - default: - ndr_print_bad_level(ndr, name, level); - } - ndr->flags = _flags_save_UNION; - } -} - -static enum ndr_err_code ndr_push_nbt_ntlogon_command(struct ndr_push *ndr, int ndr_flags, enum nbt_ntlogon_command r) -{ - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r)); - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_ntlogon_command(struct ndr_pull *ndr, int ndr_flags, enum nbt_ntlogon_command *r) -{ - uint16_t v; - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); - *r = v; - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_ntlogon_command(struct ndr_print *ndr, const char *name, enum nbt_ntlogon_command r) -{ - const char *val = NULL; - - switch (r) { - case NTLOGON_SAM_LOGON: val = "NTLOGON_SAM_LOGON"; break; - case NTLOGON_SAM_LOGON_REPLY: val = "NTLOGON_SAM_LOGON_REPLY"; break; - case NTLOGON_SAM_LOGON_REPLY15: val = "NTLOGON_SAM_LOGON_REPLY15"; break; - case NTLOGON_RESPONSE_FROM_PDC2: val = "NTLOGON_RESPONSE_FROM_PDC2"; break; - } - ndr_print_enum(ndr, name, "ENUM", val, r); -} - -static enum ndr_err_code ndr_push_nbt_ntlogon_sam_logon(struct ndr_push *ndr, int ndr_flags, const struct nbt_ntlogon_sam_logon *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->request_count)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->computer_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->mailslot_name)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_push_samr_AcctFlags(ndr, NDR_SCALARS, r->acct_control)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_dom_sid0(&r->sid, ndr->flags))); - { - struct ndr_push *_ndr_sid; - NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sid, 0, ndr_size_dom_sid0(&r->sid, ndr->flags))); - NDR_CHECK(ndr_push_dom_sid0(_ndr_sid, NDR_SCALARS|NDR_BUFFERS, &r->sid)); - NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sid, 0, ndr_size_dom_sid0(&r->sid, ndr->flags))); - } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_ntlogon_sam_logon(struct ndr_pull *ndr, int ndr_flags, struct nbt_ntlogon_sam_logon *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->request_count)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->computer_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->mailslot_name)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_pull_samr_AcctFlags(ndr, NDR_SCALARS, &r->acct_control)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sid_size)); - { - struct ndr_pull *_ndr_sid; - NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sid, 0, r->sid_size)); - NDR_CHECK(ndr_pull_dom_sid0(_ndr_sid, NDR_SCALARS|NDR_BUFFERS, &r->sid)); - NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sid, 0, r->sid_size)); - } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_ntlogon_sam_logon(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_sam_logon *r) -{ - ndr_print_struct(ndr, name, "nbt_ntlogon_sam_logon"); - ndr->depth++; - ndr_print_uint16(ndr, "request_count", r->request_count); - ndr_print_string(ndr, "computer_name", r->computer_name); - ndr_print_string(ndr, "user_name", r->user_name); - ndr_print_string(ndr, "mailslot_name", r->mailslot_name); - ndr_print_samr_AcctFlags(ndr, "acct_control", r->acct_control); - ndr_print_uint32(ndr, "sid_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?ndr_size_dom_sid0(&r->sid, ndr->flags):r->sid_size); - ndr_print_dom_sid0(ndr, "sid", &r->sid); - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_ntlogon_sam_logon_reply(struct ndr_push *ndr, int ndr_flags, const struct nbt_ntlogon_sam_logon_reply *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->server)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->domain)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_push_nbt_netlogon_version(ndr, NDR_SCALARS, r->nt_version)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_ntlogon_sam_logon_reply(struct ndr_pull *ndr, int ndr_flags, struct nbt_ntlogon_sam_logon_reply *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->server)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name)); - ndr->flags = _flags_save_string; - } - { - uint32_t _flags_save_string = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->domain)); - ndr->flags = _flags_save_string; - } - NDR_CHECK(ndr_pull_nbt_netlogon_version(ndr, NDR_SCALARS, &r->nt_version)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token)); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_ntlogon_sam_logon_reply(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_sam_logon_reply *r) -{ - ndr_print_struct(ndr, name, "nbt_ntlogon_sam_logon_reply"); - ndr->depth++; - ndr_print_string(ndr, "server", r->server); - ndr_print_string(ndr, "user_name", r->user_name); - ndr_print_string(ndr, "domain", r->domain); - ndr_print_nbt_netlogon_version(ndr, "nt_version", r->nt_version); - ndr_print_uint16(ndr, "lmnt_token", r->lmnt_token); - ndr_print_uint16(ndr, "lm20_token", r->lm20_token); - ndr->depth--; -} - -static enum ndr_err_code ndr_push_nbt_ntlogon_request(struct ndr_push *ndr, int ndr_flags, const union nbt_ntlogon_request *r) -{ - if (ndr_flags & NDR_SCALARS) { - int level = ndr_push_get_switch_value(ndr, r); - switch (level) { - case NTLOGON_SAM_LOGON: { - NDR_CHECK(ndr_push_nbt_ntlogon_sam_logon(ndr, NDR_SCALARS, &r->logon)); - break; } - - case NTLOGON_SAM_LOGON_REPLY: { - NDR_CHECK(ndr_push_nbt_ntlogon_sam_logon_reply(ndr, NDR_SCALARS, &r->reply)); - break; } - - case NTLOGON_SAM_LOGON_REPLY15: { - NDR_CHECK(ndr_push_nbt_ntlogon_sam_logon_reply(ndr, NDR_SCALARS, &r->reply)); - break; } - - case NTLOGON_RESPONSE_FROM_PDC2: { - NDR_CHECK(ndr_push_nbt_netlogon_response_from_pdc2(ndr, NDR_SCALARS, &r->reply2)); - break; } - - default: - return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - if (ndr_flags & NDR_BUFFERS) { - int level = ndr_push_get_switch_value(ndr, r); - switch (level) { - case NTLOGON_SAM_LOGON: - NDR_CHECK(ndr_push_nbt_ntlogon_sam_logon(ndr, NDR_BUFFERS, &r->logon)); - break; - - case NTLOGON_SAM_LOGON_REPLY: - break; - - case NTLOGON_SAM_LOGON_REPLY15: - break; - - case NTLOGON_RESPONSE_FROM_PDC2: - break; - - default: - return ndr_push_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - return NDR_ERR_SUCCESS; -} - -static enum ndr_err_code ndr_pull_nbt_ntlogon_request(struct ndr_pull *ndr, int ndr_flags, union nbt_ntlogon_request *r) -{ - int level; - level = ndr_pull_get_switch_value(ndr, r); - if (ndr_flags & NDR_SCALARS) { - switch (level) { - case NTLOGON_SAM_LOGON: { - NDR_CHECK(ndr_pull_nbt_ntlogon_sam_logon(ndr, NDR_SCALARS, &r->logon)); - break; } - - case NTLOGON_SAM_LOGON_REPLY: { - NDR_CHECK(ndr_pull_nbt_ntlogon_sam_logon_reply(ndr, NDR_SCALARS, &r->reply)); - break; } - - case NTLOGON_SAM_LOGON_REPLY15: { - NDR_CHECK(ndr_pull_nbt_ntlogon_sam_logon_reply(ndr, NDR_SCALARS, &r->reply)); - break; } - - case NTLOGON_RESPONSE_FROM_PDC2: { - NDR_CHECK(ndr_pull_nbt_netlogon_response_from_pdc2(ndr, NDR_SCALARS, &r->reply2)); - break; } - - default: - return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - if (ndr_flags & NDR_BUFFERS) { - switch (level) { - case NTLOGON_SAM_LOGON: - NDR_CHECK(ndr_pull_nbt_ntlogon_sam_logon(ndr, NDR_BUFFERS, &r->logon)); - break; - - case NTLOGON_SAM_LOGON_REPLY: - break; - - case NTLOGON_SAM_LOGON_REPLY15: - break; - - case NTLOGON_RESPONSE_FROM_PDC2: - break; - - default: - return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", level); - } - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_ntlogon_request(struct ndr_print *ndr, const char *name, const union nbt_ntlogon_request *r) -{ - int level; - level = ndr_print_get_switch_value(ndr, r); - ndr_print_union(ndr, name, level, "nbt_ntlogon_request"); - switch (level) { - case NTLOGON_SAM_LOGON: - ndr_print_nbt_ntlogon_sam_logon(ndr, "logon", &r->logon); - break; - - case NTLOGON_SAM_LOGON_REPLY: - ndr_print_nbt_ntlogon_sam_logon_reply(ndr, "reply", &r->reply); - break; - - case NTLOGON_SAM_LOGON_REPLY15: - ndr_print_nbt_ntlogon_sam_logon_reply(ndr, "reply", &r->reply); - break; - - case NTLOGON_RESPONSE_FROM_PDC2: - ndr_print_nbt_netlogon_response_from_pdc2(ndr, "reply2", &r->reply2); - break; - - default: - ndr_print_bad_level(ndr, name, level); - } -} - -_PUBLIC_ enum ndr_err_code ndr_push_nbt_ntlogon_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_ntlogon_packet *r) -{ - { - uint32_t _flags_save_STRUCT = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_nbt_ntlogon_command(ndr, NDR_SCALARS, r->command)); - NDR_CHECK(ndr_push_set_switch_value(ndr, &r->req, r->command)); - NDR_CHECK(ndr_push_nbt_ntlogon_request(ndr, NDR_SCALARS, &r->req)); - } - if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_push_nbt_ntlogon_request(ndr, NDR_BUFFERS, &r->req)); - } - ndr->flags = _flags_save_STRUCT; - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_nbt_ntlogon_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_ntlogon_packet *r) -{ - { - uint32_t _flags_save_STRUCT = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_nbt_ntlogon_command(ndr, NDR_SCALARS, &r->command)); - NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->req, r->command)); - NDR_CHECK(ndr_pull_nbt_ntlogon_request(ndr, NDR_SCALARS, &r->req)); - } - if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_pull_nbt_ntlogon_request(ndr, NDR_BUFFERS, &r->req)); - } - ndr->flags = _flags_save_STRUCT; - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_nbt_ntlogon_packet(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_packet *r) -{ - ndr_print_struct(ndr, name, "nbt_ntlogon_packet"); - { - uint32_t _flags_save_STRUCT = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN); - ndr->depth++; - ndr_print_nbt_ntlogon_command(ndr, "command", r->command); - ndr_print_set_switch_value(ndr, &r->req, r->command); - ndr_print_nbt_ntlogon_request(ndr, "req", &r->req); - ndr->depth--; - ndr->flags = _flags_save_STRUCT; - } -} - static enum ndr_err_code ndr_push_nbt_browse_opcode(struct ndr_push *ndr, int ndr_flags, enum nbt_browse_opcode r) { NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r)); diff --git a/source3/librpc/gen_ndr/ndr_nbt.h b/source3/librpc/gen_ndr/ndr_nbt.h index 6e9702d5d5..1a0ca0c302 100644 --- a/source3/librpc/gen_ndr/ndr_nbt.h +++ b/source3/librpc/gen_ndr/ndr_nbt.h @@ -6,14 +6,19 @@ #ifndef _HEADER_NDR_nbt #define _HEADER_NDR_nbt -#include "libcli/nbt/libnbt.h" +#include "../libcli/netlogon.h" +#include "../libcli/nbt/libnbt.h" #define NDR_NBT_CALL_COUNT (0) void ndr_print_nbt_operation(struct ndr_print *ndr, const char *name, uint16_t r); void ndr_print_nbt_name_type(struct ndr_print *ndr, const char *name, enum nbt_name_type r); enum ndr_err_code ndr_push_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r); enum ndr_err_code ndr_pull_nbt_name(struct ndr_pull *ndr, int ndr_flags, struct nbt_name *r); void ndr_print_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name *r); +enum ndr_err_code ndr_push_nbt_qclass(struct ndr_push *ndr, int ndr_flags, enum nbt_qclass r); +enum ndr_err_code ndr_pull_nbt_qclass(struct ndr_pull *ndr, int ndr_flags, enum nbt_qclass *r); void ndr_print_nbt_qclass(struct ndr_print *ndr, const char *name, enum nbt_qclass r); +enum ndr_err_code ndr_push_nbt_qtype(struct ndr_push *ndr, int ndr_flags, enum nbt_qtype r); +enum ndr_err_code ndr_pull_nbt_qtype(struct ndr_pull *ndr, int ndr_flags, enum nbt_qtype *r); void ndr_print_nbt_qtype(struct ndr_print *ndr, const char *name, enum nbt_qtype r); void ndr_print_nbt_name_question(struct ndr_print *ndr, const char *name, const struct nbt_name_question *r); void ndr_print_nb_flags(struct ndr_print *ndr, const char *name, uint16_t r); @@ -23,7 +28,10 @@ void ndr_print_nbt_statistics(struct ndr_print *ndr, const char *name, const str void ndr_print_nbt_status_name(struct ndr_print *ndr, const char *name, const struct nbt_status_name *r); void ndr_print_nbt_rdata_status(struct ndr_print *ndr, const char *name, const struct nbt_rdata_status *r); void ndr_print_nbt_rdata_data(struct ndr_print *ndr, const char *name, const struct nbt_rdata_data *r); +enum ndr_err_code ndr_push_nbt_rdata(struct ndr_push *ndr, int ndr_flags, const union nbt_rdata *r); +enum ndr_err_code ndr_pull_nbt_rdata(struct ndr_pull *ndr, int ndr_flags, union nbt_rdata *r); void ndr_print_nbt_rdata(struct ndr_print *ndr, const char *name, const union nbt_rdata *r); +enum ndr_err_code ndr_push_nbt_res_rec(struct ndr_push *ndr, int ndr_flags, const struct nbt_res_rec *r); void ndr_print_nbt_res_rec(struct ndr_print *ndr, const char *name, const struct nbt_res_rec *r); enum ndr_err_code ndr_push_nbt_name_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_name_packet *r); enum ndr_err_code ndr_pull_nbt_name_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_name_packet *r); @@ -43,42 +51,41 @@ void ndr_print_dgram_data(struct ndr_print *ndr, const char *name, const union d enum ndr_err_code ndr_push_nbt_dgram_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_dgram_packet *r); enum ndr_err_code ndr_pull_nbt_dgram_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_dgram_packet *r); void ndr_print_nbt_dgram_packet(struct ndr_print *ndr, const char *name, const struct nbt_dgram_packet *r); -void ndr_print_nbt_netlogon_command(struct ndr_print *ndr, const char *name, enum nbt_netlogon_command r); -void ndr_print_nbt_netlogon_version(struct ndr_print *ndr, const char *name, uint32_t r); +enum ndr_err_code ndr_push_nbt_sockaddr(struct ndr_push *ndr, int ndr_flags, const struct nbt_sockaddr *r); +enum ndr_err_code ndr_pull_nbt_sockaddr(struct ndr_pull *ndr, int ndr_flags, struct nbt_sockaddr *r); +void ndr_print_nbt_sockaddr(struct ndr_print *ndr, const char *name, const struct nbt_sockaddr *r); +size_t ndr_size_nbt_sockaddr(const struct nbt_sockaddr *r, int flags); +enum ndr_err_code ndr_push_nbt_server_type(struct ndr_push *ndr, int ndr_flags, uint32_t r); +enum ndr_err_code ndr_pull_nbt_server_type(struct ndr_pull *ndr, int ndr_flags, uint32_t *r); +void ndr_print_nbt_server_type(struct ndr_print *ndr, const char *name, uint32_t r); +enum ndr_err_code ndr_push_netlogon_nt_version_flags(struct ndr_push *ndr, int ndr_flags, uint32_t r); +enum ndr_err_code ndr_pull_netlogon_nt_version_flags(struct ndr_pull *ndr, int ndr_flags, uint32_t *r); +void ndr_print_netlogon_nt_version_flags(struct ndr_print *ndr, const char *name, uint32_t r); +enum ndr_err_code ndr_push_netlogon_command(struct ndr_push *ndr, int ndr_flags, enum netlogon_command r); +enum ndr_err_code ndr_pull_netlogon_command(struct ndr_pull *ndr, int ndr_flags, enum netlogon_command *r); +void ndr_print_netlogon_command(struct ndr_print *ndr, const char *name, enum netlogon_command r); +enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_REQUEST(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_REQUEST *r); +enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_REQUEST(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_REQUEST *r); +void ndr_print_NETLOGON_SAM_LOGON_REQUEST(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_REQUEST *r); +enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE_NT40(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE_NT40 *r); +enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_NT40(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE_NT40 *r); +void ndr_print_NETLOGON_SAM_LOGON_RESPONSE_NT40(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_RESPONSE_NT40 *r); +enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE *r); +enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE *r); +void ndr_print_NETLOGON_SAM_LOGON_RESPONSE(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_RESPONSE *r); +enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE_EX *r); +enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE_EX *r); +void ndr_print_NETLOGON_SAM_LOGON_RESPONSE_EX(struct ndr_print *ndr, const char *name, const struct NETLOGON_SAM_LOGON_RESPONSE_EX *r); void ndr_print_nbt_netlogon_query_for_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc *r); -void ndr_print_nbt_netlogon_query_for_pdc2(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_query_for_pdc2 *r); +enum ndr_err_code ndr_push_nbt_netlogon_response_from_pdc(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_response_from_pdc *r); +enum ndr_err_code ndr_pull_nbt_netlogon_response_from_pdc(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_response_from_pdc *r); void ndr_print_nbt_netlogon_response_from_pdc(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc *r); -void ndr_print_nbt_server_type(struct ndr_print *ndr, const char *name, uint32_t r); -void ndr_print_nbt_dc_sock_addr(struct ndr_print *ndr, const char *name, const struct nbt_dc_sock_addr *r); -void ndr_print_nbt_netlogon_response_from_pdc2(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_response_from_pdc2 *r); -void ndr_print_nbt_db_change(struct ndr_print *ndr, const char *name, const struct nbt_db_change *r); -void ndr_print_nbt_netlogon_announce_uas(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_announce_uas *r); +void ndr_print_nbt_db_change_info(struct ndr_print *ndr, const char *name, const struct nbt_db_change_info *r); +void ndr_print_NETLOGON_DB_CHANGE(struct ndr_print *ndr, const char *name, const struct NETLOGON_DB_CHANGE *r); void ndr_print_nbt_netlogon_request(struct ndr_print *ndr, const char *name, const union nbt_netlogon_request *r); enum ndr_err_code ndr_push_nbt_netlogon_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_netlogon_packet *r); enum ndr_err_code ndr_pull_nbt_netlogon_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_netlogon_packet *r); void ndr_print_nbt_netlogon_packet(struct ndr_print *ndr, const char *name, const struct nbt_netlogon_packet *r); -void ndr_print_nbt_cldap_netlogon_1(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_1 *r); -void ndr_print_nbt_cldap_netlogon_3(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_3 *r); -enum ndr_err_code ndr_push_nbt_cldap_netlogon_5(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_5 *r); -enum ndr_err_code ndr_pull_nbt_cldap_netlogon_5(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_5 *r); -void ndr_print_nbt_cldap_netlogon_5(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_5 *r); -void ndr_print_nbt_cldap_netlogon_13(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_13 *r); -enum ndr_err_code ndr_push_nbt_cldap_netlogon_15(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_15 *r); -enum ndr_err_code ndr_pull_nbt_cldap_netlogon_15(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_15 *r); -void ndr_print_nbt_cldap_netlogon_15(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_15 *r); -enum ndr_err_code ndr_push_nbt_cldap_netlogon_29(struct ndr_push *ndr, int ndr_flags, const struct nbt_cldap_netlogon_29 *r); -enum ndr_err_code ndr_pull_nbt_cldap_netlogon_29(struct ndr_pull *ndr, int ndr_flags, struct nbt_cldap_netlogon_29 *r); -void ndr_print_nbt_cldap_netlogon_29(struct ndr_print *ndr, const char *name, const struct nbt_cldap_netlogon_29 *r); -enum ndr_err_code ndr_push_nbt_cldap_netlogon(struct ndr_push *ndr, int ndr_flags, const union nbt_cldap_netlogon *r); -enum ndr_err_code ndr_pull_nbt_cldap_netlogon(struct ndr_pull *ndr, int ndr_flags, union nbt_cldap_netlogon *r); -void ndr_print_nbt_cldap_netlogon(struct ndr_print *ndr, const char *name, const union nbt_cldap_netlogon *r); -void ndr_print_nbt_ntlogon_command(struct ndr_print *ndr, const char *name, enum nbt_ntlogon_command r); -void ndr_print_nbt_ntlogon_sam_logon(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_sam_logon *r); -void ndr_print_nbt_ntlogon_sam_logon_reply(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_sam_logon_reply *r); -void ndr_print_nbt_ntlogon_request(struct ndr_print *ndr, const char *name, const union nbt_ntlogon_request *r); -enum ndr_err_code ndr_push_nbt_ntlogon_packet(struct ndr_push *ndr, int ndr_flags, const struct nbt_ntlogon_packet *r); -enum ndr_err_code ndr_pull_nbt_ntlogon_packet(struct ndr_pull *ndr, int ndr_flags, struct nbt_ntlogon_packet *r); -void ndr_print_nbt_ntlogon_packet(struct ndr_print *ndr, const char *name, const struct nbt_ntlogon_packet *r); void ndr_print_nbt_browse_opcode(struct ndr_print *ndr, const char *name, enum nbt_browse_opcode r); void ndr_print_nbt_browse_host_announcement(struct ndr_print *ndr, const char *name, const struct nbt_browse_host_announcement *r); void ndr_print_nbt_browse_announcement_request(struct ndr_print *ndr, const char *name, const struct nbt_browse_announcement_request *r); diff --git a/source3/librpc/gen_ndr/srv_dfs.c b/source3/librpc/gen_ndr/srv_dfs.c index 54b2184829..631bd82758 100644 --- a/source3/librpc/gen_ndr/srv_dfs.c +++ b/source3/librpc/gen_ndr/srv_dfs.c @@ -27,7 +27,7 @@ static bool api_dfs_GetManagerVersion(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_dfs_Add(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -180,7 +180,7 @@ static bool api_dfs_Remove(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -253,7 +253,7 @@ static bool api_dfs_SetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -326,7 +326,7 @@ static bool api_dfs_GetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -406,7 +406,7 @@ static bool api_dfs_Enum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -482,7 +482,7 @@ static bool api_dfs_Rename(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -555,7 +555,7 @@ static bool api_dfs_Move(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -628,7 +628,7 @@ static bool api_dfs_ManagerGetConfigInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -701,7 +701,7 @@ static bool api_dfs_ManagerSendSiteInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -774,7 +774,7 @@ static bool api_dfs_AddFtRoot(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -849,7 +849,7 @@ static bool api_dfs_RemoveFtRoot(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -924,7 +924,7 @@ static bool api_dfs_AddStdRoot(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -997,7 +997,7 @@ static bool api_dfs_RemoveStdRoot(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1070,7 +1070,7 @@ static bool api_dfs_ManagerInitialize(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1143,7 +1143,7 @@ static bool api_dfs_AddStdRootForced(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1216,7 +1216,7 @@ static bool api_dfs_GetDcAddress(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1293,7 +1293,7 @@ static bool api_dfs_SetDcAddress(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1366,7 +1366,7 @@ static bool api_dfs_FlushFtTable(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1439,7 +1439,7 @@ static bool api_dfs_Add2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1512,7 +1512,7 @@ static bool api_dfs_Remove2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1585,7 +1585,7 @@ static bool api_dfs_EnumEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1661,7 +1661,7 @@ static bool api_dfs_SetInfo2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_dssetup.c b/source3/librpc/gen_ndr/srv_dssetup.c index 79bde30d06..2dca1c8536 100644 --- a/source3/librpc/gen_ndr/srv_dssetup.c +++ b/source3/librpc/gen_ndr/srv_dssetup.c @@ -27,7 +27,7 @@ static bool api_dssetup_DsRoleGetPrimaryDomainInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_dssetup_DsRoleDnsNameToFlatName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -180,7 +180,7 @@ static bool api_dssetup_DsRoleDcAsDc(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -253,7 +253,7 @@ static bool api_dssetup_DsRoleDcAsReplica(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -326,7 +326,7 @@ static bool api_dssetup_DsRoleDemoteDc(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -399,7 +399,7 @@ static bool api_dssetup_DsRoleGetDcOperationProgress(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -472,7 +472,7 @@ static bool api_dssetup_DsRoleGetDcOperationResults(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -545,7 +545,7 @@ static bool api_dssetup_DsRoleCancel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -618,7 +618,7 @@ static bool api_dssetup_DsRoleServerSaveStateForUpgrade(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -691,7 +691,7 @@ static bool api_dssetup_DsRoleUpgradeDownlevelServer(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -764,7 +764,7 @@ static bool api_dssetup_DsRoleAbortDownlevelServerUpgrade(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_echo.c b/source3/librpc/gen_ndr/srv_echo.c index b8b38dad13..38e9e194c8 100644 --- a/source3/librpc/gen_ndr/srv_echo.c +++ b/source3/librpc/gen_ndr/srv_echo.c @@ -27,7 +27,7 @@ static bool api_echo_AddOne(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_echo_EchoData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -187,7 +187,7 @@ static bool api_echo_SinkData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -260,7 +260,7 @@ static bool api_echo_SourceData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -340,7 +340,7 @@ static bool api_echo_TestCall(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -420,7 +420,7 @@ static bool api_echo_TestCall2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -500,7 +500,7 @@ static bool api_echo_TestSleep(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -573,7 +573,7 @@ static bool api_echo_TestEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -650,7 +650,7 @@ static bool api_echo_TestSurrounding(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -725,7 +725,7 @@ static bool api_echo_TestDoublePointer(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_epmapper.c b/source3/librpc/gen_ndr/srv_epmapper.c index f42598abd4..69a47b355d 100644 --- a/source3/librpc/gen_ndr/srv_epmapper.c +++ b/source3/librpc/gen_ndr/srv_epmapper.c @@ -27,7 +27,7 @@ static bool api_epm_Insert(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -100,7 +100,7 @@ static bool api_epm_Delete(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -173,7 +173,7 @@ static bool api_epm_Lookup(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -260,7 +260,7 @@ static bool api_epm_Map(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -347,7 +347,7 @@ static bool api_epm_LookupHandleFree(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -422,7 +422,7 @@ static bool api_epm_InqObject(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -495,7 +495,7 @@ static bool api_epm_MgmtDelete(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -568,7 +568,7 @@ static bool api_epm_MapAuth(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_eventlog.c b/source3/librpc/gen_ndr/srv_eventlog.c index eb3fb1fe6d..946be20e0f 100644 --- a/source3/librpc/gen_ndr/srv_eventlog.c +++ b/source3/librpc/gen_ndr/srv_eventlog.c @@ -27,7 +27,7 @@ static bool api_eventlog_ClearEventLogW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -100,7 +100,7 @@ static bool api_eventlog_BackupEventLogW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -173,7 +173,7 @@ static bool api_eventlog_CloseEventLog(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -248,7 +248,7 @@ static bool api_eventlog_DeregisterEventSource(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -321,7 +321,7 @@ static bool api_eventlog_GetNumRecords(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -401,7 +401,7 @@ static bool api_eventlog_GetOldestRecord(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -481,7 +481,7 @@ static bool api_eventlog_ChangeNotify(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -554,7 +554,7 @@ static bool api_eventlog_OpenEventLogW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -634,7 +634,7 @@ static bool api_eventlog_RegisterEventSourceW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -707,7 +707,7 @@ static bool api_eventlog_OpenBackupEventLogW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -780,7 +780,7 @@ static bool api_eventlog_ReadEventLogW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -872,7 +872,7 @@ static bool api_eventlog_ReportEventW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -945,7 +945,7 @@ static bool api_eventlog_ClearEventLogA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1018,7 +1018,7 @@ static bool api_eventlog_BackupEventLogA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1091,7 +1091,7 @@ static bool api_eventlog_OpenEventLogA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1164,7 +1164,7 @@ static bool api_eventlog_RegisterEventSourceA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1237,7 +1237,7 @@ static bool api_eventlog_OpenBackupEventLogA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1310,7 +1310,7 @@ static bool api_eventlog_ReadEventLogA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1383,7 +1383,7 @@ static bool api_eventlog_ReportEventA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1456,7 +1456,7 @@ static bool api_eventlog_RegisterClusterSvc(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1529,7 +1529,7 @@ static bool api_eventlog_DeregisterClusterSvc(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1602,7 +1602,7 @@ static bool api_eventlog_WriteClusterEvents(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1675,7 +1675,7 @@ static bool api_eventlog_GetLogIntormation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1748,7 +1748,7 @@ static bool api_eventlog_FlushEventLog(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_initshutdown.c b/source3/librpc/gen_ndr/srv_initshutdown.c index 00a89661b5..1fca682c71 100644 --- a/source3/librpc/gen_ndr/srv_initshutdown.c +++ b/source3/librpc/gen_ndr/srv_initshutdown.c @@ -27,7 +27,7 @@ static bool api_initshutdown_Init(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -100,7 +100,7 @@ static bool api_initshutdown_Abort(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -173,7 +173,7 @@ static bool api_initshutdown_InitEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_lsa.c b/source3/librpc/gen_ndr/srv_lsa.c index 41d1c9716c..f55e079773 100644 --- a/source3/librpc/gen_ndr/srv_lsa.c +++ b/source3/librpc/gen_ndr/srv_lsa.c @@ -27,7 +27,7 @@ static bool api_lsa_Close(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -102,7 +102,7 @@ static bool api_lsa_Delete(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -175,7 +175,7 @@ static bool api_lsa_EnumPrivs(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -256,7 +256,7 @@ static bool api_lsa_QuerySecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -336,7 +336,7 @@ static bool api_lsa_SetSecObj(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -409,7 +409,7 @@ static bool api_lsa_ChangePassword(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -482,7 +482,7 @@ static bool api_lsa_OpenPolicy(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -562,7 +562,7 @@ static bool api_lsa_QueryInfoPolicy(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -642,7 +642,7 @@ static bool api_lsa_SetInfoPolicy(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -715,7 +715,7 @@ static bool api_lsa_ClearAuditLog(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -788,7 +788,7 @@ static bool api_lsa_CreateAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -868,7 +868,7 @@ static bool api_lsa_EnumAccounts(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -949,7 +949,7 @@ static bool api_lsa_CreateTrustedDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1029,7 +1029,7 @@ static bool api_lsa_EnumTrustDom(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1110,7 +1110,7 @@ static bool api_lsa_LookupNames(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1192,7 +1192,7 @@ static bool api_lsa_LookupSids(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1274,7 +1274,7 @@ static bool api_lsa_CreateSecret(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1354,7 +1354,7 @@ static bool api_lsa_OpenAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1434,7 +1434,7 @@ static bool api_lsa_EnumPrivsAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1514,7 +1514,7 @@ static bool api_lsa_AddPrivilegesToAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1587,7 +1587,7 @@ static bool api_lsa_RemovePrivilegesFromAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1660,7 +1660,7 @@ static bool api_lsa_GetQuotasForAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1733,7 +1733,7 @@ static bool api_lsa_SetQuotasForAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1806,7 +1806,7 @@ static bool api_lsa_GetSystemAccessAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1886,7 +1886,7 @@ static bool api_lsa_SetSystemAccessAccount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1959,7 +1959,7 @@ static bool api_lsa_OpenTrustedDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2039,7 +2039,7 @@ static bool api_lsa_QueryTrustedDomainInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2119,7 +2119,7 @@ static bool api_lsa_SetInformationTrustedDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2192,7 +2192,7 @@ static bool api_lsa_OpenSecret(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2272,7 +2272,7 @@ static bool api_lsa_SetSecret(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2345,7 +2345,7 @@ static bool api_lsa_QuerySecret(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2423,7 +2423,7 @@ static bool api_lsa_LookupPrivValue(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2503,7 +2503,7 @@ static bool api_lsa_LookupPrivName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2583,7 +2583,7 @@ static bool api_lsa_LookupPrivDisplayName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2669,7 +2669,7 @@ static bool api_lsa_DeleteObject(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2744,7 +2744,7 @@ static bool api_lsa_EnumAccountsWithUserRight(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2824,7 +2824,7 @@ static bool api_lsa_EnumAccountRights(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2904,7 +2904,7 @@ static bool api_lsa_AddAccountRights(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2977,7 +2977,7 @@ static bool api_lsa_RemoveAccountRights(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3050,7 +3050,7 @@ static bool api_lsa_QueryTrustedDomainInfoBySid(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3130,7 +3130,7 @@ static bool api_lsa_SetTrustedDomainInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3203,7 +3203,7 @@ static bool api_lsa_DeleteTrustedDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3276,7 +3276,7 @@ static bool api_lsa_StorePrivateData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3349,7 +3349,7 @@ static bool api_lsa_RetrievePrivateData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3422,7 +3422,7 @@ static bool api_lsa_OpenPolicy2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3502,7 +3502,7 @@ static bool api_lsa_GetUserName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3578,7 +3578,7 @@ static bool api_lsa_QueryInfoPolicy2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3658,7 +3658,7 @@ static bool api_lsa_SetInfoPolicy2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3731,7 +3731,7 @@ static bool api_lsa_QueryTrustedDomainInfoByName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3811,7 +3811,7 @@ static bool api_lsa_SetTrustedDomainInfoByName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3884,7 +3884,7 @@ static bool api_lsa_EnumTrustedDomainsEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3965,7 +3965,7 @@ static bool api_lsa_CreateTrustedDomainEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4038,7 +4038,7 @@ static bool api_lsa_CloseTrustedDomainEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4113,7 +4113,7 @@ static bool api_lsa_QueryDomainInformationPolicy(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4193,7 +4193,7 @@ static bool api_lsa_SetDomainInformationPolicy(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4266,7 +4266,7 @@ static bool api_lsa_OpenTrustedDomainByName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4346,7 +4346,7 @@ static bool api_lsa_TestCall(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4419,7 +4419,7 @@ static bool api_lsa_LookupSids2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4501,7 +4501,7 @@ static bool api_lsa_LookupNames2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4583,7 +4583,7 @@ static bool api_lsa_CreateTrustedDomainEx2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4656,7 +4656,7 @@ static bool api_lsa_CREDRWRITE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4729,7 +4729,7 @@ static bool api_lsa_CREDRREAD(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4802,7 +4802,7 @@ static bool api_lsa_CREDRENUMERATE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4875,7 +4875,7 @@ static bool api_lsa_CREDRWRITEDOMAINCREDENTIALS(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4948,7 +4948,7 @@ static bool api_lsa_CREDRREADDOMAINCREDENTIALS(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5021,7 +5021,7 @@ static bool api_lsa_CREDRDELETE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5094,7 +5094,7 @@ static bool api_lsa_CREDRGETTARGETINFO(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5167,7 +5167,7 @@ static bool api_lsa_CREDRPROFILELOADED(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5240,7 +5240,7 @@ static bool api_lsa_LookupNames3(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5322,7 +5322,7 @@ static bool api_lsa_CREDRGETSESSIONTYPES(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5395,7 +5395,7 @@ static bool api_lsa_LSARREGISTERAUDITEVENT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5468,7 +5468,7 @@ static bool api_lsa_LSARGENAUDITEVENT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5541,7 +5541,7 @@ static bool api_lsa_LSARUNREGISTERAUDITEVENT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5614,7 +5614,7 @@ static bool api_lsa_lsaRQueryForestTrustInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5694,7 +5694,7 @@ static bool api_lsa_LSARSETFORESTTRUSTINFORMATION(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5767,7 +5767,7 @@ static bool api_lsa_CREDRRENAME(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5840,7 +5840,7 @@ static bool api_lsa_LookupSids3(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5922,7 +5922,7 @@ static bool api_lsa_LookupNames4(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -6004,7 +6004,7 @@ static bool api_lsa_LSAROPENPOLICYSCE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -6077,7 +6077,7 @@ static bool api_lsa_LSARADTREGISTERSECURITYEVENTSOURCE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -6150,7 +6150,7 @@ static bool api_lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -6223,7 +6223,7 @@ static bool api_lsa_LSARADTREPORTSECURITYEVENT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_netlogon.c b/source3/librpc/gen_ndr/srv_netlogon.c index 154ef71d40..9ec98bf638 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.c +++ b/source3/librpc/gen_ndr/srv_netlogon.c @@ -27,7 +27,7 @@ static bool api_netr_LogonUasLogon(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_netr_LogonUasLogoff(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -187,7 +187,7 @@ static bool api_netr_LogonSamLogon(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -274,7 +274,7 @@ static bool api_netr_LogonSamLogoff(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -349,7 +349,7 @@ static bool api_netr_ServerReqChallenge(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -429,7 +429,7 @@ static bool api_netr_ServerAuthenticate(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -509,7 +509,7 @@ static bool api_netr_ServerPasswordSet(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -589,7 +589,7 @@ static bool api_netr_DatabaseDeltas(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -671,7 +671,7 @@ static bool api_netr_DatabaseSync(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -753,7 +753,7 @@ static bool api_netr_AccountDeltas(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -852,7 +852,7 @@ static bool api_netr_AccountSync(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -952,7 +952,7 @@ static bool api_netr_GetDcName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1032,7 +1032,7 @@ static bool api_netr_LogonControl(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1112,7 +1112,7 @@ static bool api_netr_GetAnyDCName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1192,7 +1192,7 @@ static bool api_netr_LogonControl2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1272,7 +1272,7 @@ static bool api_netr_ServerAuthenticate2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1353,7 +1353,7 @@ static bool api_netr_DatabaseSync2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1435,7 +1435,7 @@ static bool api_netr_DatabaseRedo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1516,7 +1516,7 @@ static bool api_netr_LogonControl2Ex(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1596,7 +1596,7 @@ static bool api_netr_NetrEnumerateTrustedDomains(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1676,7 +1676,7 @@ static bool api_netr_DsRGetDCName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1756,7 +1756,7 @@ static bool api_netr_NETRLOGONDUMMYROUTINE1(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1829,7 +1829,7 @@ static bool api_netr_NETRLOGONSETSERVICEBITS(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1902,7 +1902,7 @@ static bool api_netr_LogonGetTrustRid(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1982,7 +1982,7 @@ static bool api_netr_NETRLOGONCOMPUTESERVERDIGEST(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2055,7 +2055,7 @@ static bool api_netr_NETRLOGONCOMPUTECLIENTDIGEST(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2128,7 +2128,7 @@ static bool api_netr_ServerAuthenticate3(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2210,7 +2210,7 @@ static bool api_netr_DsRGetDCNameEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2290,7 +2290,7 @@ static bool api_netr_DsRGetSiteName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2370,7 +2370,7 @@ static bool api_netr_LogonGetDomainInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2451,7 +2451,7 @@ static bool api_netr_ServerPasswordSet2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2531,7 +2531,7 @@ static bool api_netr_ServerPasswordGet(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2617,7 +2617,7 @@ static bool api_netr_NETRLOGONSENDTOSAM(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2690,7 +2690,7 @@ static bool api_netr_DsRAddressToSitenamesW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2770,7 +2770,7 @@ static bool api_netr_DsRGetDCNameEx2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2850,7 +2850,7 @@ static bool api_netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2923,7 +2923,7 @@ static bool api_netr_NetrEnumerateTrustedDomainsEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3003,7 +3003,7 @@ static bool api_netr_DsRAddressToSitenamesExW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3083,7 +3083,7 @@ static bool api_netr_DsrGetDcSiteCoverageW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3163,7 +3163,7 @@ static bool api_netr_LogonSamLogonEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3250,7 +3250,7 @@ static bool api_netr_DsrEnumerateDomainTrusts(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3330,7 +3330,7 @@ static bool api_netr_DsrDeregisterDNSHostRecords(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3403,7 +3403,7 @@ static bool api_netr_ServerTrustPasswordsGet(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3495,7 +3495,7 @@ static bool api_netr_DsRGetForestTrustInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3575,7 +3575,7 @@ static bool api_netr_GetForestTrustInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3661,7 +3661,7 @@ static bool api_netr_LogonSamLogonWithFlags(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3749,7 +3749,7 @@ static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_ntsvcs.c b/source3/librpc/gen_ndr/srv_ntsvcs.c index d21e86db6e..cdf8c74eb1 100644 --- a/source3/librpc/gen_ndr/srv_ntsvcs.c +++ b/source3/librpc/gen_ndr/srv_ntsvcs.c @@ -27,7 +27,7 @@ static bool api_PNP_Disconnect(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -100,7 +100,7 @@ static bool api_PNP_Connect(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -173,7 +173,7 @@ static bool api_PNP_GetVersion(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -253,7 +253,7 @@ static bool api_PNP_GetGlobalState(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -326,7 +326,7 @@ static bool api_PNP_InitDetection(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -399,7 +399,7 @@ static bool api_PNP_ReportLogOn(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -472,7 +472,7 @@ static bool api_PNP_ValidateDeviceInstance(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -545,7 +545,7 @@ static bool api_PNP_GetRootDeviceInstance(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -618,7 +618,7 @@ static bool api_PNP_GetRelatedDeviceInstance(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -691,7 +691,7 @@ static bool api_PNP_EnumerateSubKeys(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -764,7 +764,7 @@ static bool api_PNP_GetDeviceList(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -837,7 +837,7 @@ static bool api_PNP_GetDeviceListSize(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -917,7 +917,7 @@ static bool api_PNP_GetDepth(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -990,7 +990,7 @@ static bool api_PNP_GetDeviceRegProp(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1073,7 +1073,7 @@ static bool api_PNP_SetDeviceRegProp(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1146,7 +1146,7 @@ static bool api_PNP_GetClassInstance(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1219,7 +1219,7 @@ static bool api_PNP_CreateKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1292,7 +1292,7 @@ static bool api_PNP_DeleteRegistryKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1365,7 +1365,7 @@ static bool api_PNP_GetClassCount(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1438,7 +1438,7 @@ static bool api_PNP_GetClassName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1511,7 +1511,7 @@ static bool api_PNP_DeleteClassKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1584,7 +1584,7 @@ static bool api_PNP_GetInterfaceDeviceAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1657,7 +1657,7 @@ static bool api_PNP_GetInterfaceDeviceList(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1730,7 +1730,7 @@ static bool api_PNP_GetInterfaceDeviceListSize(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1803,7 +1803,7 @@ static bool api_PNP_RegisterDeviceClassAssociation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1876,7 +1876,7 @@ static bool api_PNP_UnregisterDeviceClassAssociation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1949,7 +1949,7 @@ static bool api_PNP_GetClassRegProp(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2022,7 +2022,7 @@ static bool api_PNP_SetClassRegProp(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2095,7 +2095,7 @@ static bool api_PNP_CreateDevInst(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2168,7 +2168,7 @@ static bool api_PNP_DeviceInstanceAction(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2241,7 +2241,7 @@ static bool api_PNP_GetDeviceStatus(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2314,7 +2314,7 @@ static bool api_PNP_SetDeviceProblem(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2387,7 +2387,7 @@ static bool api_PNP_DisableDevInst(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2460,7 +2460,7 @@ static bool api_PNP_UninstallDevInst(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2533,7 +2533,7 @@ static bool api_PNP_AddID(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2606,7 +2606,7 @@ static bool api_PNP_RegisterDriver(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2679,7 +2679,7 @@ static bool api_PNP_QueryRemove(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2752,7 +2752,7 @@ static bool api_PNP_RequestDeviceEject(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2825,7 +2825,7 @@ static bool api_PNP_IsDockStationPresent(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2898,7 +2898,7 @@ static bool api_PNP_RequestEjectPC(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2971,7 +2971,7 @@ static bool api_PNP_HwProfFlags(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3053,7 +3053,7 @@ static bool api_PNP_GetHwProfInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3128,7 +3128,7 @@ static bool api_PNP_AddEmptyLogConf(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3201,7 +3201,7 @@ static bool api_PNP_FreeLogConf(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3274,7 +3274,7 @@ static bool api_PNP_GetFirstLogConf(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3347,7 +3347,7 @@ static bool api_PNP_GetNextLogConf(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3420,7 +3420,7 @@ static bool api_PNP_GetLogConfPriority(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3493,7 +3493,7 @@ static bool api_PNP_AddResDes(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3566,7 +3566,7 @@ static bool api_PNP_FreeResDes(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3639,7 +3639,7 @@ static bool api_PNP_GetNextResDes(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3712,7 +3712,7 @@ static bool api_PNP_GetResDesData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3785,7 +3785,7 @@ static bool api_PNP_GetResDesDataSize(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3858,7 +3858,7 @@ static bool api_PNP_ModifyResDes(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3931,7 +3931,7 @@ static bool api_PNP_DetectResourceLimit(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4004,7 +4004,7 @@ static bool api_PNP_QueryResConfList(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4077,7 +4077,7 @@ static bool api_PNP_SetHwProf(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4150,7 +4150,7 @@ static bool api_PNP_QueryArbitratorFreeData(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4223,7 +4223,7 @@ static bool api_PNP_QueryArbitratorFreeSize(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4296,7 +4296,7 @@ static bool api_PNP_RunDetection(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4369,7 +4369,7 @@ static bool api_PNP_RegisterNotification(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4442,7 +4442,7 @@ static bool api_PNP_UnregisterNotification(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4515,7 +4515,7 @@ static bool api_PNP_GetCustomDevProp(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4588,7 +4588,7 @@ static bool api_PNP_GetVersionInternal(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4661,7 +4661,7 @@ static bool api_PNP_GetBlockedDriverInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4734,7 +4734,7 @@ static bool api_PNP_GetServerSideDeviceInstallFlags(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_samr.c b/source3/librpc/gen_ndr/srv_samr.c index 1eaa19eaf7..7d4f2c11fd 100644 --- a/source3/librpc/gen_ndr/srv_samr.c +++ b/source3/librpc/gen_ndr/srv_samr.c @@ -27,7 +27,7 @@ static bool api_samr_Connect(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_samr_Close(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -182,7 +182,7 @@ static bool api_samr_SetSecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -255,7 +255,7 @@ static bool api_samr_QuerySecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -335,7 +335,7 @@ static bool api_samr_Shutdown(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -408,7 +408,7 @@ static bool api_samr_LookupDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -488,7 +488,7 @@ static bool api_samr_EnumDomains(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -575,7 +575,7 @@ static bool api_samr_OpenDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -655,7 +655,7 @@ static bool api_samr_QueryDomainInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -735,7 +735,7 @@ static bool api_samr_SetDomainInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -808,7 +808,7 @@ static bool api_samr_CreateDomainGroup(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -894,7 +894,7 @@ static bool api_samr_EnumDomainGroups(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -981,7 +981,7 @@ static bool api_samr_CreateUser(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1067,7 +1067,7 @@ static bool api_samr_EnumDomainUsers(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1154,7 +1154,7 @@ static bool api_samr_CreateDomAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1240,7 +1240,7 @@ static bool api_samr_EnumDomainAliases(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1327,7 +1327,7 @@ static bool api_samr_GetAliasMembership(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1407,7 +1407,7 @@ static bool api_samr_LookupNames(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1493,7 +1493,7 @@ static bool api_samr_LookupRids(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1579,7 +1579,7 @@ static bool api_samr_OpenGroup(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1659,7 +1659,7 @@ static bool api_samr_QueryGroupInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1739,7 +1739,7 @@ static bool api_samr_SetGroupInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1812,7 +1812,7 @@ static bool api_samr_AddGroupMember(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1885,7 +1885,7 @@ static bool api_samr_DeleteDomainGroup(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1960,7 +1960,7 @@ static bool api_samr_DeleteGroupMember(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2033,7 +2033,7 @@ static bool api_samr_QueryGroupMember(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2113,7 +2113,7 @@ static bool api_samr_SetMemberAttributesOfGroup(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2186,7 +2186,7 @@ static bool api_samr_OpenAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2266,7 +2266,7 @@ static bool api_samr_QueryAliasInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2346,7 +2346,7 @@ static bool api_samr_SetAliasInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2419,7 +2419,7 @@ static bool api_samr_DeleteDomAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2494,7 +2494,7 @@ static bool api_samr_AddAliasMember(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2567,7 +2567,7 @@ static bool api_samr_DeleteAliasMember(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2640,7 +2640,7 @@ static bool api_samr_GetMembersInAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2720,7 +2720,7 @@ static bool api_samr_OpenUser(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2800,7 +2800,7 @@ static bool api_samr_DeleteUser(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2875,7 +2875,7 @@ static bool api_samr_QueryUserInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2955,7 +2955,7 @@ static bool api_samr_SetUserInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3028,7 +3028,7 @@ static bool api_samr_ChangePasswordUser(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3101,7 +3101,7 @@ static bool api_samr_GetGroupsForUser(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3181,7 +3181,7 @@ static bool api_samr_QueryDisplayInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3273,7 +3273,7 @@ static bool api_samr_GetDisplayEnumerationIndex(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3353,7 +3353,7 @@ static bool api_samr_TestPrivateFunctionsDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3426,7 +3426,7 @@ static bool api_samr_TestPrivateFunctionsUser(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3499,7 +3499,7 @@ static bool api_samr_GetUserPwInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3579,7 +3579,7 @@ static bool api_samr_RemoveMemberFromForeignDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3652,7 +3652,7 @@ static bool api_samr_QueryDomainInfo2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3732,7 +3732,7 @@ static bool api_samr_QueryUserInfo2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3812,7 +3812,7 @@ static bool api_samr_QueryDisplayInfo2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3904,7 +3904,7 @@ static bool api_samr_GetDisplayEnumerationIndex2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3984,7 +3984,7 @@ static bool api_samr_CreateUser2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4076,7 +4076,7 @@ static bool api_samr_QueryDisplayInfo3(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4168,7 +4168,7 @@ static bool api_samr_AddMultipleMembersToAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4241,7 +4241,7 @@ static bool api_samr_RemoveMultipleMembersFromAlias(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4314,7 +4314,7 @@ static bool api_samr_OemChangePasswordUser2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4387,7 +4387,7 @@ static bool api_samr_ChangePasswordUser2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4460,7 +4460,7 @@ static bool api_samr_GetDomPwInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4540,7 +4540,7 @@ static bool api_samr_Connect2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4620,7 +4620,7 @@ static bool api_samr_SetUserInfo2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4693,7 +4693,7 @@ static bool api_samr_SetBootKeyInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4766,7 +4766,7 @@ static bool api_samr_GetBootKeyInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4846,7 +4846,7 @@ static bool api_samr_Connect3(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4926,7 +4926,7 @@ static bool api_samr_Connect4(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5006,7 +5006,7 @@ static bool api_samr_ChangePasswordUser3(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5092,7 +5092,7 @@ static bool api_samr_Connect5(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5184,7 +5184,7 @@ static bool api_samr_RidToSid(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5264,7 +5264,7 @@ static bool api_samr_SetDsrmPassword(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -5337,7 +5337,7 @@ static bool api_samr_ValidatePassword(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_srvsvc.c b/source3/librpc/gen_ndr/srv_srvsvc.c index 66faaaaf7e..60a7212805 100644 --- a/source3/librpc/gen_ndr/srv_srvsvc.c +++ b/source3/librpc/gen_ndr/srv_srvsvc.c @@ -27,7 +27,7 @@ static bool api_srvsvc_NetCharDevEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -110,7 +110,7 @@ static bool api_srvsvc_NetCharDevGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -190,7 +190,7 @@ static bool api_srvsvc_NetCharDevControl(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -263,7 +263,7 @@ static bool api_srvsvc_NetCharDevQEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -346,7 +346,7 @@ static bool api_srvsvc_NetCharDevQGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -426,7 +426,7 @@ static bool api_srvsvc_NetCharDevQSetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -501,7 +501,7 @@ static bool api_srvsvc_NetCharDevQPurge(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -574,7 +574,7 @@ static bool api_srvsvc_NetCharDevQPurgeSelf(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -647,7 +647,7 @@ static bool api_srvsvc_NetConnEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -729,7 +729,7 @@ static bool api_srvsvc_NetFileEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -811,7 +811,7 @@ static bool api_srvsvc_NetFileGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -891,7 +891,7 @@ static bool api_srvsvc_NetFileClose(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -964,7 +964,7 @@ static bool api_srvsvc_NetSessEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1046,7 +1046,7 @@ static bool api_srvsvc_NetSessDel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1119,7 +1119,7 @@ static bool api_srvsvc_NetShareAdd(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1194,7 +1194,7 @@ static bool api_srvsvc_NetShareEnumAll(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1276,7 +1276,7 @@ static bool api_srvsvc_NetShareGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1356,7 +1356,7 @@ static bool api_srvsvc_NetShareSetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1431,7 +1431,7 @@ static bool api_srvsvc_NetShareDel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1504,7 +1504,7 @@ static bool api_srvsvc_NetShareDelSticky(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1577,7 +1577,7 @@ static bool api_srvsvc_NetShareCheck(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1657,7 +1657,7 @@ static bool api_srvsvc_NetSrvGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1737,7 +1737,7 @@ static bool api_srvsvc_NetSrvSetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1812,7 +1812,7 @@ static bool api_srvsvc_NetDiskEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1894,7 +1894,7 @@ static bool api_srvsvc_NetServerStatisticsGet(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1974,7 +1974,7 @@ static bool api_srvsvc_NetTransportAdd(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2047,7 +2047,7 @@ static bool api_srvsvc_NetTransportEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2130,7 +2130,7 @@ static bool api_srvsvc_NetTransportDel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2203,7 +2203,7 @@ static bool api_srvsvc_NetRemoteTOD(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2283,7 +2283,7 @@ static bool api_srvsvc_NetSetServiceBits(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2356,7 +2356,7 @@ static bool api_srvsvc_NetPathType(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2436,7 +2436,7 @@ static bool api_srvsvc_NetPathCanonicalize(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2517,7 +2517,7 @@ static bool api_srvsvc_NetPathCompare(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2590,7 +2590,7 @@ static bool api_srvsvc_NetNameValidate(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2663,7 +2663,7 @@ static bool api_srvsvc_NETRPRNAMECANONICALIZE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2736,7 +2736,7 @@ static bool api_srvsvc_NetPRNameCompare(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2809,7 +2809,7 @@ static bool api_srvsvc_NetShareEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2891,7 +2891,7 @@ static bool api_srvsvc_NetShareDelStart(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2971,7 +2971,7 @@ static bool api_srvsvc_NetShareDelCommit(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3046,7 +3046,7 @@ static bool api_srvsvc_NetGetFileSecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3126,7 +3126,7 @@ static bool api_srvsvc_NetSetFileSecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3199,7 +3199,7 @@ static bool api_srvsvc_NetServerTransportAddEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3272,7 +3272,7 @@ static bool api_srvsvc_NetServerSetServiceBitsEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3345,7 +3345,7 @@ static bool api_srvsvc_NETRDFSGETVERSION(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3418,7 +3418,7 @@ static bool api_srvsvc_NETRDFSCREATELOCALPARTITION(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3491,7 +3491,7 @@ static bool api_srvsvc_NETRDFSDELETELOCALPARTITION(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3564,7 +3564,7 @@ static bool api_srvsvc_NETRDFSSETLOCALVOLUMESTATE(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3637,7 +3637,7 @@ static bool api_srvsvc_NETRDFSSETSERVERINFO(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3710,7 +3710,7 @@ static bool api_srvsvc_NETRDFSCREATEEXITPOINT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3783,7 +3783,7 @@ static bool api_srvsvc_NETRDFSDELETEEXITPOINT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3856,7 +3856,7 @@ static bool api_srvsvc_NETRDFSMODIFYPREFIX(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3929,7 +3929,7 @@ static bool api_srvsvc_NETRDFSFIXLOCALVOLUME(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4002,7 +4002,7 @@ static bool api_srvsvc_NETRDFSMANAGERREPORTSITEINFO(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -4075,7 +4075,7 @@ static bool api_srvsvc_NETRSERVERTRANSPORTDELEX(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_svcctl.c b/source3/librpc/gen_ndr/srv_svcctl.c index 32317ad8fe..d371ca2ec6 100644 --- a/source3/librpc/gen_ndr/srv_svcctl.c +++ b/source3/librpc/gen_ndr/srv_svcctl.c @@ -27,7 +27,7 @@ static bool api_svcctl_CloseServiceHandle(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -102,7 +102,7 @@ static bool api_svcctl_ControlService(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -182,7 +182,7 @@ static bool api_svcctl_DeleteService(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -255,7 +255,7 @@ static bool api_svcctl_LockServiceDatabase(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -335,7 +335,7 @@ static bool api_svcctl_QueryServiceObjectSecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -421,7 +421,7 @@ static bool api_svcctl_SetServiceObjectSecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -494,7 +494,7 @@ static bool api_svcctl_QueryServiceStatus(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -574,7 +574,7 @@ static bool api_svcctl_SetServiceStatus(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -647,7 +647,7 @@ static bool api_svcctl_UnlockServiceDatabase(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -722,7 +722,7 @@ static bool api_svcctl_NotifyBootConfigStatus(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -795,7 +795,7 @@ static bool api_svcctl_SCSetServiceBitsW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -868,7 +868,7 @@ static bool api_svcctl_ChangeServiceConfigW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -948,7 +948,7 @@ static bool api_svcctl_CreateServiceW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1029,7 +1029,7 @@ static bool api_svcctl_EnumDependentServicesW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1121,7 +1121,7 @@ static bool api_svcctl_EnumServicesStatusW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1214,7 +1214,7 @@ static bool api_svcctl_OpenSCManagerW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1294,7 +1294,7 @@ static bool api_svcctl_OpenServiceW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1374,7 +1374,7 @@ static bool api_svcctl_QueryServiceConfigW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1460,7 +1460,7 @@ static bool api_svcctl_QueryServiceLockStatusW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1546,7 +1546,7 @@ static bool api_svcctl_StartServiceW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1619,7 +1619,7 @@ static bool api_svcctl_GetServiceDisplayNameW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1700,7 +1700,7 @@ static bool api_svcctl_GetServiceKeyNameW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1781,7 +1781,7 @@ static bool api_svcctl_SCSetServiceBitsA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1854,7 +1854,7 @@ static bool api_svcctl_ChangeServiceConfigA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1934,7 +1934,7 @@ static bool api_svcctl_CreateServiceA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2014,7 +2014,7 @@ static bool api_svcctl_EnumDependentServicesA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2106,7 +2106,7 @@ static bool api_svcctl_EnumServicesStatusA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2199,7 +2199,7 @@ static bool api_svcctl_OpenSCManagerA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2279,7 +2279,7 @@ static bool api_svcctl_OpenServiceA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2352,7 +2352,7 @@ static bool api_svcctl_QueryServiceConfigA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2438,7 +2438,7 @@ static bool api_svcctl_QueryServiceLockStatusA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2524,7 +2524,7 @@ static bool api_svcctl_StartServiceA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2597,7 +2597,7 @@ static bool api_svcctl_GetServiceDisplayNameA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2678,7 +2678,7 @@ static bool api_svcctl_GetServiceKeyNameA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2759,7 +2759,7 @@ static bool api_svcctl_GetCurrentGroupeStateW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2832,7 +2832,7 @@ static bool api_svcctl_EnumServiceGroupW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2905,7 +2905,7 @@ static bool api_svcctl_ChangeServiceConfig2A(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2978,7 +2978,7 @@ static bool api_svcctl_ChangeServiceConfig2W(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3051,7 +3051,7 @@ static bool api_svcctl_QueryServiceConfig2A(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3137,7 +3137,7 @@ static bool api_svcctl_QueryServiceConfig2W(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3223,7 +3223,7 @@ static bool api_svcctl_QueryServiceStatusEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3309,7 +3309,7 @@ static bool api_EnumServicesStatusExA(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3408,7 +3408,7 @@ static bool api_EnumServicesStatusExW(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -3507,7 +3507,7 @@ static bool api_svcctl_SCSendTSMessage(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_winreg.c b/source3/librpc/gen_ndr/srv_winreg.c index c697f44d2a..2162306322 100644 --- a/source3/librpc/gen_ndr/srv_winreg.c +++ b/source3/librpc/gen_ndr/srv_winreg.c @@ -27,7 +27,7 @@ static bool api_winreg_OpenHKCR(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_winreg_OpenHKCU(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -187,7 +187,7 @@ static bool api_winreg_OpenHKLM(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -267,7 +267,7 @@ static bool api_winreg_OpenHKPD(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -347,7 +347,7 @@ static bool api_winreg_OpenHKU(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -427,7 +427,7 @@ static bool api_winreg_CloseKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -502,7 +502,7 @@ static bool api_winreg_CreateKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -583,7 +583,7 @@ static bool api_winreg_DeleteKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -656,7 +656,7 @@ static bool api_winreg_DeleteValue(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -729,7 +729,7 @@ static bool api_winreg_EnumKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -806,7 +806,7 @@ static bool api_winreg_EnumValue(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -885,7 +885,7 @@ static bool api_winreg_FlushKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -958,7 +958,7 @@ static bool api_winreg_GetKeySecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1033,7 +1033,7 @@ static bool api_winreg_LoadKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1106,7 +1106,7 @@ static bool api_winreg_NotifyChangeKeyValue(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1179,7 +1179,7 @@ static bool api_winreg_OpenKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1259,7 +1259,7 @@ static bool api_winreg_QueryInfoKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1382,7 +1382,7 @@ static bool api_winreg_QueryValue(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1460,7 +1460,7 @@ static bool api_winreg_ReplaceKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1533,7 +1533,7 @@ static bool api_winreg_RestoreKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1606,7 +1606,7 @@ static bool api_winreg_SaveKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1679,7 +1679,7 @@ static bool api_winreg_SetKeySecurity(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1752,7 +1752,7 @@ static bool api_winreg_SetValue(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1825,7 +1825,7 @@ static bool api_winreg_UnLoadKey(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1898,7 +1898,7 @@ static bool api_winreg_InitiateSystemShutdown(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1971,7 +1971,7 @@ static bool api_winreg_AbortSystemShutdown(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2044,7 +2044,7 @@ static bool api_winreg_GetVersion(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2124,7 +2124,7 @@ static bool api_winreg_OpenHKCC(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2204,7 +2204,7 @@ static bool api_winreg_OpenHKDD(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2284,7 +2284,7 @@ static bool api_winreg_QueryMultipleValues(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2361,7 +2361,7 @@ static bool api_winreg_InitiateSystemShutdownEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2434,7 +2434,7 @@ static bool api_winreg_SaveKeyEx(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2507,7 +2507,7 @@ static bool api_winreg_OpenHKPT(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2587,7 +2587,7 @@ static bool api_winreg_OpenHKPN(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2667,7 +2667,7 @@ static bool api_winreg_QueryMultipleValues2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/srv_wkssvc.c b/source3/librpc/gen_ndr/srv_wkssvc.c index 227e4c1a48..68813dbba7 100644 --- a/source3/librpc/gen_ndr/srv_wkssvc.c +++ b/source3/librpc/gen_ndr/srv_wkssvc.c @@ -27,7 +27,7 @@ static bool api_wkssvc_NetWkstaGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -107,7 +107,7 @@ static bool api_wkssvc_NetWkstaSetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -182,7 +182,7 @@ static bool api_wkssvc_NetWkstaEnumUsers(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -264,7 +264,7 @@ static bool api_wkssvc_NetrWkstaUserGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -344,7 +344,7 @@ static bool api_wkssvc_NetrWkstaUserSetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -419,7 +419,7 @@ static bool api_wkssvc_NetWkstaTransportEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -501,7 +501,7 @@ static bool api_wkssvc_NetrWkstaTransportAdd(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -576,7 +576,7 @@ static bool api_wkssvc_NetrWkstaTransportDel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -649,7 +649,7 @@ static bool api_wkssvc_NetrUseAdd(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -724,7 +724,7 @@ static bool api_wkssvc_NetrUseGetInfo(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -804,7 +804,7 @@ static bool api_wkssvc_NetrUseDel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -877,7 +877,7 @@ static bool api_wkssvc_NetrUseEnum(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -959,7 +959,7 @@ static bool api_wkssvc_NetrMessageBufferSend(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1032,7 +1032,7 @@ static bool api_wkssvc_NetrWorkstationStatisticsGet(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1112,7 +1112,7 @@ static bool api_wkssvc_NetrLogonDomainNameAdd(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1185,7 +1185,7 @@ static bool api_wkssvc_NetrLogonDomainNameDel(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1258,7 +1258,7 @@ static bool api_wkssvc_NetrJoinDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1331,7 +1331,7 @@ static bool api_wkssvc_NetrUnjoinDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1404,7 +1404,7 @@ static bool api_wkssvc_NetrRenameMachineInDomain(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1477,7 +1477,7 @@ static bool api_wkssvc_NetrValidateName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1550,7 +1550,7 @@ static bool api_wkssvc_NetrGetJoinInformation(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1631,7 +1631,7 @@ static bool api_wkssvc_NetrGetJoinableOus(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1712,7 +1712,7 @@ static bool api_wkssvc_NetrJoinDomain2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1785,7 +1785,7 @@ static bool api_wkssvc_NetrUnjoinDomain2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1858,7 +1858,7 @@ static bool api_wkssvc_NetrRenameMachineInDomain2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -1931,7 +1931,7 @@ static bool api_wkssvc_NetrValidateName2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2004,7 +2004,7 @@ static bool api_wkssvc_NetrGetJoinableOus2(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2085,7 +2085,7 @@ static bool api_wkssvc_NetrAddAlternateComputerName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2158,7 +2158,7 @@ static bool api_wkssvc_NetrRemoveAlternateComputerName(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2231,7 +2231,7 @@ static bool api_wkssvc_NetrSetPrimaryComputername(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; @@ -2304,7 +2304,7 @@ static bool api_wkssvc_NetrEnumerateComputerNames(pipes_struct *p) return false; } - pull = ndr_pull_init_blob(&blob, r); + pull = ndr_pull_init_blob(&blob, r, NULL); if (pull == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index 039dcf4152..f2f4a16c12 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -517,7 +517,9 @@ interface libnetapi uint32 usriX_code_page; string usriX_profile; string usriX_home_dir_drive; + uint32 usriX_user_id; uint32 usriX_primary_group_id; + uint32 usriX_password_expired; } USER_INFO_X; [nopush,nopull] NET_API_STATUS NetUserAdd( diff --git a/source3/librpc/idl/nbt.idl b/source3/librpc/idl/nbt.idl index 654f53c52f..f3590fcf2b 100644 --- a/source3/librpc/idl/nbt.idl +++ b/source3/librpc/idl/nbt.idl @@ -10,7 +10,7 @@ import "misc.idl", "security.idl", "svcctl.idl", "samr.idl"; [ -helper("libcli/nbt/libnbt.h") + helper("../libcli/netlogon.h", "../libcli/nbt/libnbt.h") ] interface nbt { @@ -73,11 +73,11 @@ interface nbt nbt_name_type type; } nbt_name; - typedef [enum16bit] enum { + typedef [public,enum16bit] enum { NBT_QCLASS_IP = 0x01 } nbt_qclass; - typedef [enum16bit] enum { + typedef [public,enum16bit] enum { NBT_QTYPE_ADDRESS = 0x0001, NBT_QTYPE_NAMESERVICE = 0x0002, NBT_QTYPE_NULL = 0x000A, @@ -160,7 +160,7 @@ interface nbt uint8 data[length]; } nbt_rdata_data; - typedef [nodiscriminant] union { + typedef [nodiscriminant,public] union { [case(NBT_QTYPE_NETBIOS)] nbt_rdata_netbios netbios; [case(NBT_QTYPE_STATUS)] nbt_rdata_status status; [default] nbt_rdata_data data; @@ -172,18 +172,12 @@ interface nbt * together with NBT_QTYPE_NETBIOS * for WACK replies */ -#define NBT_RES_REC_LEVEL(rr_type, rdata) (\ - (((rr_type) == NBT_QTYPE_NETBIOS) && \ - talloc_check_name(ndr, "struct ndr_push") && \ - ((rdata).data.length == 2)) \ - ? 0 : rr_type) - - typedef [flag(LIBNDR_PRINT_ARRAY_HEX)] struct { + typedef [flag(LIBNDR_PRINT_ARRAY_HEX),nopush] struct { nbt_name name; nbt_qtype rr_type; nbt_qclass rr_class; uint32 ttl; - [switch_is(NBT_RES_REC_LEVEL(rr_type, rdata))] nbt_rdata rdata; + [switch_is(rr_type)] nbt_rdata rdata; } nbt_res_rec; typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { @@ -338,65 +332,19 @@ interface nbt } nbt_dgram_packet; - /*******************************************/ - /* \MAILSLOT\NET\NETLOGON mailslot requests */ - typedef enum { - NETLOGON_QUERY_FOR_PDC = 0x7, - NETLOGON_ANNOUNCE_UAS = 0xa, - NETLOGON_RESPONSE_FROM_PDC = 0xc, - NETLOGON_QUERY_FOR_PDC2 = 0x12, - NETLOGON_RESPONSE_FROM_PDC2 = 0x17, - NETLOGON_RESPONSE_FROM_PDC_USER = 0x19 - } nbt_netlogon_command; - - typedef [flag(NDR_LITTLE_ENDIAN),bitmap32bit] bitmap { - NETLOGON_VERSION_1 = 0x00000001, - NETLOGON_VERSION_5 = 0x00000002, - NETLOGON_VERSION_5EX = 0x00000004, - NETLOGON_VERSION_5EX_WITH_IP = 0x00000008, - NETLOGON_VERSION_WITH_CLOSEST_SITE = 0x00000010, - NETLOGON_VERSION_AVOID_NT4_EMUL = 0x01000000, - NETLOGON_VERSION_PDC = 0x10000000, - NETLOGON_VERSION_IP = 0x20000000, - NETLOGON_VERSION_LOCAL = 0x40000000, - NETLOGON_VERSION_GC = 0x80000000 - } nbt_netlogon_version; + /****************************************** + * \MAILSLOT\NET\NETLOGON mailslot requests + * and + * \MAILSLOT\NET\NTLOGON mailslot requests + */ - /* query for pdc request */ - typedef struct { - astring computer_name; - astring mailslot_name; - [flag(NDR_ALIGN2)] DATA_BLOB _pad; - nstring unicode_name; - nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_netlogon_query_for_pdc; - - /* query for pdc request - new style */ - typedef struct { - uint16 request_count; - nstring computer_name; - nstring user_name; - astring mailslot_name; - uint32 unknown[2]; - nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_netlogon_query_for_pdc2; - - /* response from pdc */ - typedef struct { - astring pdc_name; - [flag(NDR_ALIGN2)] DATA_BLOB _pad; - nstring unicode_pdc_name; - nstring domain_name; - nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_netlogon_response_from_pdc; + typedef [public,gensize] struct { + uint32 sockaddr_family; + [flag(NDR_BIG_ENDIAN)] ipv4address pdc_ip; + [flag(NDR_REMAINING)] DATA_BLOB remaining; + } nbt_sockaddr; - typedef [bitmap32bit] bitmap { + typedef [bitmap32bit,public] bitmap { NBT_SERVER_PDC = 0x00000001, NBT_SERVER_GC = 0x00000004, NBT_SERVER_LDAP = 0x00000008, @@ -411,111 +359,89 @@ interface nbt NBT_SERVER_FULL_SECRET_DOMAIN_6 = 0x00001000 } nbt_server_type; - typedef struct { - uint32 family; - [flag(NDR_BIG_ENDIAN)] ipv4address pdc_ip; - [flag(NDR_REMAINING)] DATA_BLOB remaining; - } nbt_dc_sock_addr; - - /* response from pdc - type2 */ - typedef struct { + typedef [bitmap32bit,public] bitmap { + NETLOGON_NT_VERSION_1 = 0x00000001, + NETLOGON_NT_VERSION_5 = 0x00000002, + NETLOGON_NT_VERSION_5EX = 0x00000004, + NETLOGON_NT_VERSION_5EX_WITH_IP = 0x00000008, + NETLOGON_NT_VERSION_WITH_CLOSEST_SITE = 0x00000010, + NETLOGON_NT_VERSION_AVIOD_NT4EMUL = 0x01000000, + NETLOGON_NT_VERSION_PDC = 0x10000000, + NETLOGON_NT_VERSION_IP = 0x20000000, + NETLOGON_NT_VERSION_LOCAL = 0x40000000, + NETLOGON_NT_VERSION_GC = 0x80000000 + } netlogon_nt_version_flags; + + typedef [enum16bit,public] enum { + LOGON_PRIMARY_QUERY = 7, /* Was also NETLOGON_QUERY_FOR_PDC */ + NETLOGON_ANNOUNCE_UAS = 10, + NETLOGON_RESPONSE_FROM_PDC = 12, + LOGON_SAM_LOGON_REQUEST = 18, /* Was also NETLOGON_QUERY_FOR_PDC2, NTLOGON_SAM_LOGON */ + LOGON_SAM_LOGON_RESPONSE = 19, /* Was also NTLOGON_SAM_LOGON_REPLY */ + LOGON_SAM_LOGON_PAUSE_RESPONSE = 20, + LOGON_SAM_LOGON_USER_UNKNOWN = 21, /* Was also NTLOGON_SAM_LOGON_REPLY15 */ + LOGON_SAM_LOGON_RESPONSE_EX = 23, /* was NETLOGON_RESPONSE_FROM_PDC2 */ + LOGON_SAM_LOGON_PAUSE_RESPONSE_EX = 24, + LOGON_SAM_LOGON_USER_UNKNOWN_EX = 25 /* was NETLOGON_RESPONSE_FROM_PDC_USER */ + } netlogon_command; + + typedef bitmap samr_AcctFlags samr_AcctFlags; + + /* query to dc hand marshaled, as it has 'optional' + * parts */ + typedef [nopull,nopush] struct { + uint16 request_count; + nstring computer_name; + nstring user_name; + astring mailslot_name; + samr_AcctFlags acct_control; + [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; + /* The manual alignment is required because this + * structure is marked flag(NDR_NOALIGN) via the + * nbt_netlogon_packet below. + * + * However, both MUST only be present if sid_size > 0 + */ [flag(NDR_ALIGN4)] DATA_BLOB _pad; - nbt_server_type server_type; - GUID domain_uuid; - nbt_string forest; - nbt_string dns_domain; - nbt_string pdc_dns_name; - nbt_string domain; - nbt_string pdc_name; - nbt_string user_name; - nbt_string server_site; - nbt_string client_site; - uint8 dc_sock_addr_size; - [subcontext(0),subcontext_size(dc_sock_addr_size)] nbt_dc_sock_addr dc_sock_addr; - nbt_netlogon_version nt_version; + [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; + netlogon_nt_version_flags nt_version; uint16 lmnt_token; uint16 lm20_token; - } nbt_netlogon_response_from_pdc2; - - typedef enum netr_SamDatabaseID netr_SamDatabaseID; - - /* announce change to UAS or SAM */ - typedef struct { - netr_SamDatabaseID db_index; - hyper serial; - NTTIME timestamp; - } nbt_db_change; - - /* used to announce SAM changes */ - typedef struct { - uint32 serial_lo; - time_t timestamp; - uint32 pulse; - uint32 random; - astring pdc_name; - astring domain; - [flag(NDR_ALIGN2)] DATA_BLOB _pad; - nstring unicode_pdc_name; - nstring unicode_domain; - uint32 db_count; - nbt_db_change dbchange[db_count]; - [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; - [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; - nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_netlogon_announce_uas; - - typedef [nodiscriminant] union { - [case(NETLOGON_QUERY_FOR_PDC)] nbt_netlogon_query_for_pdc pdc; - [case(NETLOGON_QUERY_FOR_PDC2)] nbt_netlogon_query_for_pdc2 pdc2; - [case(NETLOGON_ANNOUNCE_UAS)] nbt_netlogon_announce_uas uas; - [case(NETLOGON_RESPONSE_FROM_PDC)] nbt_netlogon_response_from_pdc response; - [case(NETLOGON_RESPONSE_FROM_PDC2)] nbt_netlogon_response_from_pdc2 response2; - [case(NETLOGON_RESPONSE_FROM_PDC_USER)] nbt_netlogon_response_from_pdc2 response2; - } nbt_netlogon_request; + } NETLOGON_SAM_LOGON_REQUEST; typedef [flag(NDR_NOALIGN),public] struct { - nbt_netlogon_command command; - [switch_is(command)] nbt_netlogon_request req; - } nbt_netlogon_packet; - - /*******************************************/ - /* CLDAP netlogon response */ - - /* note that these structures are very similar to, but not - quite identical to, the netlogon structures above */ - - typedef struct { - nbt_netlogon_command type; - nstring pdc_name; + netlogon_command command; + nstring server; nstring user_name; - nstring domain_name; - [value(1)] nbt_netlogon_version nt_version; + nstring domain; + netlogon_nt_version_flags nt_version; uint16 lmnt_token; uint16 lm20_token; - } nbt_cldap_netlogon_1; + } NETLOGON_SAM_LOGON_RESPONSE_NT40; - typedef struct { - nbt_netlogon_command type; + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; nstring pdc_name; nstring user_name; nstring domain_name; GUID domain_uuid; - GUID unknown_uuid; + GUID zero_uuid; nbt_string forest; nbt_string dns_domain; nbt_string pdc_dns_name; ipv4address pdc_ip; nbt_server_type server_type; - [value(3)] nbt_netlogon_version nt_version; + netlogon_nt_version_flags nt_version; uint16 lmnt_token; uint16 lm20_token; - } nbt_cldap_netlogon_3; + } NETLOGON_SAM_LOGON_RESPONSE; - typedef [public] struct { - nbt_netlogon_command type; - uint16 sbz; + /* response from pdc hand marshaled (we have an additional + * function that uses this structure), as it has 'optional' + * parts */ + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + uint16 sbz; /* From the docs */ nbt_server_type server_type; GUID domain_uuid; nbt_string forest; @@ -526,148 +452,91 @@ interface nbt nbt_string user_name; nbt_string server_site; nbt_string client_site; - [value(5)] nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_cldap_netlogon_5; - typedef struct { - nbt_netlogon_command type; - uint16 sbz; - nbt_server_type server_type; - GUID domain_uuid; - nbt_string forest; - nbt_string dns_domain; - nbt_string pdc_dns_name; - nbt_string domain; - nbt_string pdc_name; - nbt_string user_name; - nbt_string server_site; - nbt_string client_site; - uint8 dc_sock_addr_size; - [subcontext(0),subcontext_size(dc_sock_addr_size)] nbt_dc_sock_addr dc_sock_addr; - [value(13)] nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_cldap_netlogon_13; + /* Optional on NETLOGON_NT_VERSION_5EX_WITH_IP */ + [value(ndr_size_nbt_sockaddr(&sockaddr, ndr->flags))] uint8 sockaddr_size; + [subcontext(0),subcontext_size(sockaddr_size)] nbt_sockaddr sockaddr; - typedef [public] struct { - nbt_netlogon_command type; - uint16 sbz; - nbt_server_type server_type; - GUID domain_uuid; - nbt_string forest; - nbt_string dns_domain; - nbt_string pdc_dns_name; - nbt_string domain; - nbt_string pdc_name; - nbt_string user_name; - nbt_string server_site; - nbt_string client_site; + /* Optional on NETLOGON_NT_VERSION_WITH_CLOSEST_SITE */ nbt_string next_closest_site; - [value(15)] nbt_netlogon_version nt_version; - uint16 lmnt_token; - uint16 lm20_token; - } nbt_cldap_netlogon_15; - typedef [public] struct { - nbt_netlogon_command type; - uint16 sbz; - nbt_server_type server_type; - GUID domain_uuid; - nbt_string forest; - nbt_string dns_domain; - nbt_string pdc_dns_name; - nbt_string domain; - nbt_string pdc_name; - nbt_string user_name; - nbt_string server_site; - nbt_string client_site; - uint8 dc_sock_addr_size; - [subcontext(0),subcontext_size(dc_sock_addr_size)] nbt_dc_sock_addr dc_sock_addr; - nbt_string next_closest_site; - [value(29)] nbt_netlogon_version nt_version; + netlogon_nt_version_flags nt_version; uint16 lmnt_token; uint16 lm20_token; - } nbt_cldap_netlogon_29; - - typedef [flag(NDR_NOALIGN),public,nodiscriminant] union { - [case(0)] nbt_cldap_netlogon_1 logon1; - [case(1)] nbt_cldap_netlogon_1 logon1; - [case(2)] nbt_cldap_netlogon_3 logon3; - [case(3)] nbt_cldap_netlogon_3 logon3; - [case(4)] nbt_cldap_netlogon_5 logon5; - [case(5)] nbt_cldap_netlogon_5 logon5; - [case(6)] nbt_cldap_netlogon_5 logon5; - [case(7)] nbt_cldap_netlogon_5 logon5; - [case(8)] nbt_cldap_netlogon_13 logon13; - [case(9)] nbt_cldap_netlogon_13 logon13; - [case(10)] nbt_cldap_netlogon_13 logon13; - [case(11)] nbt_cldap_netlogon_13 logon13; - [case(12)] nbt_cldap_netlogon_13 logon13; - [case(13)] nbt_cldap_netlogon_13 logon13; - [case(14)] nbt_cldap_netlogon_13 logon13; - [case(15)] nbt_cldap_netlogon_13 logon13; - [case(16)] nbt_cldap_netlogon_1 logon1; - [case(17)] nbt_cldap_netlogon_1 logon1; - [case(18)] nbt_cldap_netlogon_3 logon3; - [case(19)] nbt_cldap_netlogon_3 logon3; - [case(20)] nbt_cldap_netlogon_15 logon15; - [case(21)] nbt_cldap_netlogon_15 logon15; - [case(22)] nbt_cldap_netlogon_15 logon15; - [case(23)] nbt_cldap_netlogon_15 logon15; - [case(24)] nbt_cldap_netlogon_15 logon15; - [case(25)] nbt_cldap_netlogon_15 logon15; - [case(26)] nbt_cldap_netlogon_15 logon15; - [case(27)] nbt_cldap_netlogon_15 logon15; - [case(28)] nbt_cldap_netlogon_15 logon15; - [case(29)] nbt_cldap_netlogon_29 logon29; - [case(30)] nbt_cldap_netlogon_29 logon29; - [case(31)] nbt_cldap_netlogon_29 logon29; - } nbt_cldap_netlogon; - - /*******************************************/ - /* \MAILSLOT\NET\NTLOGON mailslot requests */ - typedef enum { - NTLOGON_SAM_LOGON = 0x12, - NTLOGON_SAM_LOGON_REPLY = 0x13, - NTLOGON_SAM_LOGON_REPLY15 = 0x15, - NTLOGON_RESPONSE_FROM_PDC2 = 0x17 - } nbt_ntlogon_command; + } NETLOGON_SAM_LOGON_RESPONSE_EX; + /* query for pdc request */ typedef struct { - uint16 request_count; - nstring computer_name; - nstring user_name; + astring computer_name; astring mailslot_name; - samr_AcctFlags acct_control; - [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; - [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; - nbt_netlogon_version nt_version; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_name; + netlogon_nt_version_flags nt_version; uint16 lmnt_token; uint16 lm20_token; - } nbt_ntlogon_sam_logon; + } nbt_netlogon_query_for_pdc; - typedef struct { - nstring server; - nstring user_name; - nstring domain; - nbt_netlogon_version nt_version; + /* response from pdc */ + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + astring pdc_name; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring domain_name; + netlogon_nt_version_flags nt_version; uint16 lmnt_token; uint16 lm20_token; - } nbt_ntlogon_sam_logon_reply; + } nbt_netlogon_response_from_pdc; + + typedef enum netr_SamDatabaseID netr_SamDatabaseID; + + /* used to announce SAM changes - MS-NRPC 2.2.1.5.1 */ + typedef struct { + netr_SamDatabaseID db_index; + hyper serial; + NTTIME timestamp; + } nbt_db_change_info; + + typedef struct { + uint32 serial_lo; + time_t timestamp; + uint32 pulse; + uint32 random; + astring pdc_name; + astring domain; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring unicode_domain; + uint32 db_count; + nbt_db_change_info dbchange[db_count]; + [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; + [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; + uint32 message_format_version; + uint32 message_token; + } NETLOGON_DB_CHANGE; typedef [nodiscriminant] union { - [case(NTLOGON_SAM_LOGON)] nbt_ntlogon_sam_logon logon; - [case(NTLOGON_SAM_LOGON_REPLY)] nbt_ntlogon_sam_logon_reply reply; - [case(NTLOGON_SAM_LOGON_REPLY15)] nbt_ntlogon_sam_logon_reply reply; - [case(NTLOGON_RESPONSE_FROM_PDC2)] nbt_netlogon_response_from_pdc2 reply2; - } nbt_ntlogon_request; + [case(LOGON_SAM_LOGON_REQUEST)] NETLOGON_SAM_LOGON_REQUEST logon; + [case(LOGON_PRIMARY_QUERY)] nbt_netlogon_query_for_pdc pdc; + [case(NETLOGON_ANNOUNCE_UAS)] NETLOGON_DB_CHANGE uas; + } nbt_netlogon_request; + +#if 0 + [case(NETLOGON_RESPONSE_FROM_PDC)] nbt_netlogon_response_from_pdc response; + [case(NETLOGON_RESPONSE_FROM_PDC_USER)] nbt_netlogon_response_from_pdc2 response2; + + [case(LOGON_SAM_LOGON_PAUSE_RESPONSE)] NETLOGON_SAM_LOGON_RESPONSE reply; + [case(LOGON_SAM_LOGON_RESPONSE)] NETLOGON_SAM_LOGON_RESPONSE reply; + [case(LOGON_SAM_LOGON_USER_UNKNOWN)] NETLOGON_SAM_LOGON_RESPONSE reply; + [case(LOGON_SAM_LOGON_RESPONSE_EX)] NETLOGON_SAM_LOGON_RESPONSE_EX reply_ex; + [case(LOGON_SAM_LOGON_PAUSE_RESPONSE_EX)] NETLOGON_SAM_LOGON_RESPONSE_EX reply_ex; + [case(LOGON_SAM_LOGON_USER_UNKNOWN_EX)] NETLOGON_SAM_LOGON_RESPONSE_EX reply_ex; +#endif typedef [flag(NDR_NOALIGN),public] struct { - nbt_ntlogon_command command; - [switch_is(command)] nbt_ntlogon_request req; - } nbt_ntlogon_packet; + netlogon_command command; + [switch_is(command)] nbt_netlogon_request req; + } nbt_netlogon_packet; /********************************************************/ /* \MAILSLOT\BROWSE mailslot requests */ diff --git a/source3/librpc/ndr/ndr.c b/source3/librpc/ndr/ndr.c index d94d12e146..56d5967de9 100644 --- a/source3/librpc/ndr/ndr.c +++ b/source3/librpc/ndr/ndr.c @@ -53,7 +53,7 @@ _PUBLIC_ size_t ndr_align_size(uint32_t offset, size_t n) /* initialise a ndr parse structure from a data blob */ -_PUBLIC_ struct ndr_pull *ndr_pull_init_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx) +_PUBLIC_ struct ndr_pull *ndr_pull_init_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience) { struct ndr_pull *ndr; @@ -803,11 +803,14 @@ _PUBLIC_ uint32_t ndr_print_get_switch_value(struct ndr_print *ndr, const void * /* pull a struct from a blob using NDR */ -_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, - ndr_pull_flags_fn_t fn) +_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, + TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, + void *p, + ndr_pull_flags_fn_t fn) { struct ndr_pull *ndr; - ndr = ndr_pull_init_blob(blob, mem_ctx); + ndr = ndr_pull_init_blob(blob, mem_ctx, iconv_convenience); NDR_ERR_HAVE_NO_MEMORY(ndr); NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); return NDR_ERR_SUCCESS; @@ -816,11 +819,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, TALLOC_CT /* pull a struct from a blob using NDR - failing if all bytes are not consumed */ -_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, void *p, - ndr_pull_flags_fn_t fn) +_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, + void *p, ndr_pull_flags_fn_t fn) { struct ndr_pull *ndr; - ndr = ndr_pull_init_blob(blob, mem_ctx); + ndr = ndr_pull_init_blob(blob, mem_ctx, iconv_convenience); NDR_ERR_HAVE_NO_MEMORY(ndr); NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); if (ndr->offset < ndr->data_size) { @@ -838,7 +842,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_union_blob(const DATA_BLOB *blob, TALLOC_CTX uint32_t level, ndr_pull_flags_fn_t fn) { struct ndr_pull *ndr; - ndr = ndr_pull_init_blob(blob, mem_ctx); + ndr = ndr_pull_init_blob(blob, mem_ctx, NULL); NDR_ERR_HAVE_NO_MEMORY(ndr); NDR_CHECK(ndr_pull_set_switch_value(ndr, p, level)); NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); @@ -853,7 +857,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_union_blob_all(const DATA_BLOB *blob, TALLOC uint32_t level, ndr_pull_flags_fn_t fn) { struct ndr_pull *ndr; - ndr = ndr_pull_init_blob(blob, mem_ctx); + ndr = ndr_pull_init_blob(blob, mem_ctx, NULL); NDR_ERR_HAVE_NO_MEMORY(ndr); NDR_CHECK(ndr_pull_set_switch_value(ndr, p, level)); NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); @@ -868,8 +872,11 @@ _PUBLIC_ enum ndr_err_code ndr_pull_union_blob_all(const DATA_BLOB *blob, TALLOC /* push a struct to a blob using NDR */ -_PUBLIC_ enum ndr_err_code ndr_push_struct_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, const void *p, - ndr_push_flags_fn_t fn) +_PUBLIC_ enum ndr_err_code ndr_push_struct_blob(DATA_BLOB *blob, + TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, + const void *p, + ndr_push_flags_fn_t fn) { struct ndr_push *ndr; ndr = ndr_push_init_ctx(mem_ctx); diff --git a/source3/librpc/rpc/binding.c b/source3/librpc/rpc/binding.c index 01e3479c23..469c5db8d5 100644 --- a/source3/librpc/rpc/binding.c +++ b/source3/librpc/rpc/binding.c @@ -357,7 +357,7 @@ _PUBLIC_ NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struc _PUBLIC_ NTSTATUS dcerpc_floor_get_lhs_data(struct epm_floor *epm_floor, struct ndr_syntax_id *syntax) { TALLOC_CTX *mem_ctx = talloc_init("floor_get_lhs_data"); - struct ndr_pull *ndr = ndr_pull_init_blob(&epm_floor->lhs.lhs_data, mem_ctx); + struct ndr_pull *ndr = ndr_pull_init_blob(&epm_floor->lhs.lhs_data, mem_ctx, NULL); enum ndr_err_code ndr_err; uint16_t if_version=0; diff --git a/source3/librpc/rpc/dcerpc.c b/source3/librpc/rpc/dcerpc.c index 58d676a9d9..7a870981fd 100644 --- a/source3/librpc/rpc/dcerpc.c +++ b/source3/librpc/rpc/dcerpc.c @@ -100,7 +100,7 @@ NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req) prs_mem_free( &r_ps ); - pull = ndr_pull_init_blob(&blob, req); + pull = ndr_pull_init_blob(&blob, req, NULL); if (pull == NULL) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/librpc/tools/ndrdump.c b/source3/librpc/tools/ndrdump.c index dc7f2be32f..08b969ae76 100644 --- a/source3/librpc/tools/ndrdump.c +++ b/source3/librpc/tools/ndrdump.c @@ -294,7 +294,7 @@ static const struct ndr_interface_table *load_iface_from_plugin(const char *plug blob.data = data; blob.length = size; - ndr_pull = ndr_pull_init_blob(&blob, mem_ctx); + ndr_pull = ndr_pull_init_blob(&blob, mem_ctx, NULL); ndr_pull->flags |= LIBNDR_FLAG_REF_ALLOC; ndr_err = f->ndr_pull(ndr_pull, NDR_IN, st); @@ -331,7 +331,7 @@ static const struct ndr_interface_table *load_iface_from_plugin(const char *plug blob.data = data; blob.length = size; - ndr_pull = ndr_pull_init_blob(&blob, mem_ctx); + ndr_pull = ndr_pull_init_blob(&blob, mem_ctx, NULL); ndr_pull->flags |= LIBNDR_FLAG_REF_ALLOC; ndr_err = f->ndr_pull(ndr_pull, flags, st); @@ -385,7 +385,7 @@ static const struct ndr_interface_table *load_iface_from_plugin(const char *plug dump_data(0, v_blob.data, v_blob.length); } - ndr_v_pull = ndr_pull_init_blob(&v_blob, mem_ctx); + ndr_v_pull = ndr_pull_init_blob(&v_blob, mem_ctx, NULL); ndr_v_pull->flags |= LIBNDR_FLAG_REF_ALLOC; ndr_err = f->ndr_pull(ndr_v_pull, flags, v_st); diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index fb35ecbe1f..68495076b6 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -924,7 +924,7 @@ static void cli_state_handler(struct event_context *event_ctx, } cli->evt_inbuf = tmp; - res = recv(cli->fd, cli->evt_inbuf + old_size, available, 0); + res = sys_recv(cli->fd, cli->evt_inbuf + old_size, available, 0); if (res == -1) { DEBUG(10, ("recv failed: %s\n", strerror(errno))); status = map_nt_error_from_unix(errno); @@ -970,7 +970,7 @@ static void cli_state_handler(struct event_context *event_ctx, return; } - sent = send(cli->fd, req->outbuf + req->sent, + sent = sys_send(cli->fd, req->outbuf + req->sent, to_send - req->sent, 0); if (sent < 0) { diff --git a/source3/libsmb/clidgram.c b/source3/libsmb/clidgram.c index 8b35a69def..611ae0870c 100644 --- a/source3/libsmb/clidgram.c +++ b/source3/libsmb/clidgram.c @@ -136,8 +136,8 @@ bool send_getdc_request(TALLOC_CTX *mem_ctx, struct in_addr dc_ip; const char *my_acct_name = NULL; const char *my_mailslot = NULL; - struct nbt_ntlogon_packet packet; - struct nbt_ntlogon_sam_logon *s; + struct nbt_netlogon_packet packet; + struct NETLOGON_SAM_LOGON_REQUEST *s; enum ndr_err_code ndr_err; DATA_BLOB blob; struct dom_sid my_sid; @@ -164,7 +164,7 @@ bool send_getdc_request(TALLOC_CTX *mem_ctx, return false; } - packet.command = NTLOGON_SAM_LOGON; + packet.command = LOGON_SAM_LOGON_REQUEST; s = &packet.req.logon; s->request_count = 0; @@ -178,11 +178,11 @@ bool send_getdc_request(TALLOC_CTX *mem_ctx, s->lm20_token = 0xffff; if (DEBUGLEVEL >= 10) { - NDR_PRINT_DEBUG(nbt_ntlogon_packet, &packet); + NDR_PRINT_DEBUG(nbt_netlogon_packet, &packet); } - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, &packet, - (ndr_push_flags_fn_t)ndr_push_nbt_ntlogon_packet); + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, &packet, + (ndr_push_flags_fn_t)ndr_push_nbt_netlogon_packet); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return false; } @@ -199,15 +199,16 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, const char *domain_name, uint32_t *nt_version, const char **dc_name, - union nbt_cldap_netlogon **reply) + struct netlogon_samlogon_response **_r) { struct packet_struct *packet; const char *my_mailslot = NULL; struct in_addr dc_ip; DATA_BLOB blob; - union nbt_cldap_netlogon r; + struct netlogon_samlogon_response r; union dgram_message_body p; enum ndr_err_code ndr_err; + NTSTATUS status; const char *returned_dc = NULL; const char *returned_domain = NULL; @@ -266,66 +267,20 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, blob = p.smb.body.trans.data; - if (!pull_mailslot_cldap_reply(mem_ctx, &blob, - &r, nt_version)) - { + ZERO_STRUCT(r); + + status = pull_netlogon_samlogon_response(&blob, mem_ctx, NULL, &r); + if (!NT_STATUS_IS_OK(status)) { return false; } - switch (*nt_version) { - case 1: - case 16: - case 17: - - returned_domain = r.logon1.domain_name; - returned_dc = r.logon1.pdc_name; - break; - case 2: - case 3: - case 18: - case 19: - returned_domain = r.logon3.domain_name; - returned_dc = r.logon3.pdc_name; - break; - case 4: - case 5: - case 6: - case 7: - returned_domain = r.logon5.domain; - returned_dc = r.logon5.pdc_name; - break; - case 8: - case 9: - case 10: - case 11: - case 12: - case 13: - case 14: - case 15: - returned_domain = r.logon13.domain; - returned_dc = r.logon13.pdc_name; - break; - case 20: - case 21: - case 22: - case 23: - case 24: - case 25: - case 26: - case 27: - case 28: - returned_domain = r.logon15.domain; - returned_dc = r.logon15.pdc_name; - break; - case 29: - case 30: - case 31: - returned_domain = r.logon29.domain; - returned_dc = r.logon29.pdc_name; - break; - default: - return false; - } + map_netlogon_samlogon_response(&r); + + /* do we still need this ? */ + *nt_version = r.ntver; + + returned_domain = r.data.nt5_ex.domain; + returned_dc = r.data.nt5_ex.pdc_name; if (!strequal(returned_domain, domain_name)) { DEBUG(3, ("GetDC: Expected domain %s, got %s\n", @@ -341,10 +296,10 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, if (**dc_name == '\\') *dc_name += 1; if (**dc_name == '\\') *dc_name += 1; - if (reply) { - *reply = (union nbt_cldap_netlogon *)talloc_memdup( - mem_ctx, &r, sizeof(union nbt_cldap_netlogon)); - if (!*reply) { + if (_r) { + *_r = (struct netlogon_samlogon_response *)talloc_memdup( + mem_ctx, &r, sizeof(struct netlogon_samlogon_response)); + if (!*_r) { return false; } } diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 9d65fb4e94..8a5aedfde5 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -464,13 +464,11 @@ struct cli_state *cli_initialise(void) return NULL; } - cli = talloc(NULL, struct cli_state); + cli = TALLOC_ZERO_P(NULL, struct cli_state); if (!cli) { return NULL; } - ZERO_STRUCTP(cli); - cli->port = 0; cli->fd = -1; cli->cnum = -1; diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c index 36746419f7..54f8a7a43c 100644 --- a/source3/libsmb/clierror.c +++ b/source3/libsmb/clierror.c @@ -236,142 +236,6 @@ void cli_dos_error(struct cli_state *cli, uint8 *eclass, uint32 *ecode) *ecode = SVAL(cli->inbuf,smb_err); } -/* Return a UNIX errno from a NT status code */ -static const struct { - NTSTATUS status; - int error; -} nt_errno_map[] = { - {NT_STATUS_ACCESS_VIOLATION, EACCES}, - {NT_STATUS_INVALID_HANDLE, EBADF}, - {NT_STATUS_ACCESS_DENIED, EACCES}, - {NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT}, - {NT_STATUS_OBJECT_PATH_NOT_FOUND, ENOENT}, - {NT_STATUS_SHARING_VIOLATION, EBUSY}, - {NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR}, - {NT_STATUS_OBJECT_NAME_COLLISION, EEXIST}, - {NT_STATUS_PATH_NOT_COVERED, ENOENT}, - {NT_STATUS_UNSUCCESSFUL, EINVAL}, - {NT_STATUS_NOT_IMPLEMENTED, ENOSYS}, - {NT_STATUS_IN_PAGE_ERROR, EFAULT}, - {NT_STATUS_BAD_NETWORK_NAME, ENOENT}, -#ifdef EDQUOT - {NT_STATUS_PAGEFILE_QUOTA, EDQUOT}, - {NT_STATUS_QUOTA_EXCEEDED, EDQUOT}, - {NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT}, - {NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT}, -#endif -#ifdef ETIME - {NT_STATUS_TIMER_NOT_CANCELED, ETIME}, -#endif - {NT_STATUS_INVALID_PARAMETER, EINVAL}, - {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, - {NT_STATUS_NO_SUCH_FILE, ENOENT}, -#ifdef ENODATA - {NT_STATUS_END_OF_FILE, ENODATA}, -#endif -#ifdef ENOMEDIUM - {NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM}, - {NT_STATUS_NO_MEDIA, ENOMEDIUM}, -#endif - {NT_STATUS_NONEXISTENT_SECTOR, ESPIPE}, - {NT_STATUS_NO_MEMORY, ENOMEM}, - {NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE}, - {NT_STATUS_NOT_MAPPED_VIEW, EINVAL}, - {NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE}, - {NT_STATUS_ACCESS_DENIED, EACCES}, - {NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS}, - {NT_STATUS_WRONG_PASSWORD, EACCES}, - {NT_STATUS_LOGON_FAILURE, EACCES}, - {NT_STATUS_INVALID_WORKSTATION, EACCES}, - {NT_STATUS_INVALID_LOGON_HOURS, EACCES}, - {NT_STATUS_PASSWORD_EXPIRED, EACCES}, - {NT_STATUS_ACCOUNT_DISABLED, EACCES}, - {NT_STATUS_DISK_FULL, ENOSPC}, - {NT_STATUS_INVALID_PIPE_STATE, EPIPE}, - {NT_STATUS_PIPE_BUSY, EPIPE}, - {NT_STATUS_PIPE_DISCONNECTED, EPIPE}, - {NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS}, - {NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR}, - {NT_STATUS_NOT_SUPPORTED, ENOSYS}, - {NT_STATUS_NOT_A_DIRECTORY, ENOTDIR}, - {NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY}, - {NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH}, - {NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_CONNECTION_ABORTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_TOO_MANY_LINKS, EMLINK}, - {NT_STATUS_NETWORK_BUSY, EBUSY}, - {NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV}, -#ifdef ELIBACC - {NT_STATUS_DLL_NOT_FOUND, ELIBACC}, -#endif - {NT_STATUS_PIPE_BROKEN, EPIPE}, - {NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED}, - {NT_STATUS_NETWORK_ACCESS_DENIED, EACCES}, - {NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE}, -#ifdef EPROTO - {NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO}, -#endif - {NT_STATUS_FLOAT_OVERFLOW, ERANGE}, - {NT_STATUS_FLOAT_UNDERFLOW, ERANGE}, - {NT_STATUS_INTEGER_OVERFLOW, ERANGE}, - {NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS}, - {NT_STATUS_PIPE_CONNECTED, EISCONN}, - {NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT}, - {NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE}, - {NT_STATUS_ILL_FORMED_PASSWORD, EACCES}, - {NT_STATUS_PASSWORD_RESTRICTION, EACCES}, - {NT_STATUS_ACCOUNT_RESTRICTION, EACCES}, - {NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG}, - {NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN}, - {NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_RESET, ENETRESET}, -#ifdef ENOTUNIQ - {NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ}, - {NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ}, -#endif - {NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE}, - {NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT}, - {NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE}, - {NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_IO_TIMEOUT, ETIMEDOUT}, - {NT_STATUS_RETRY, EAGAIN}, -#ifdef ENOTUNIQ - {NT_STATUS_DUPLICATE_NAME, ENOTUNIQ}, -#endif -#ifdef ECOMM - {NT_STATUS_NET_WRITE_FAULT, ECOMM}, -#endif -#ifdef EXDEV - {NT_STATUS_NOT_SAME_DEVICE, EXDEV}, -#endif - {NT_STATUS(0), 0} -}; - -/**************************************************************************** - The following mappings need tidying up and moving into libsmb/errormap.c... -****************************************************************************/ - -static int cli_errno_from_nt(NTSTATUS status) -{ - int i; - DEBUG(10,("cli_errno_from_nt: 32 bit codes: code=%08x\n", NT_STATUS_V(status))); - - /* Status codes without this bit set are not errors */ - - if (!(NT_STATUS_V(status) & 0xc0000000)) { - return 0; - } - - for (i=0;nt_errno_map[i].error;i++) { - if (NT_STATUS_V(nt_errno_map[i].status) == - NT_STATUS_V(status)) return nt_errno_map[i].error; - } - - /* for all other cases - a default code */ - return EINVAL; -} /* Return a UNIX errno appropriate for the error received in the last packet. */ @@ -382,7 +246,7 @@ int cli_errno(struct cli_state *cli) if (cli_is_nt_error(cli)) { status = cli_nt_error(cli); - return cli_errno_from_nt(status); + return map_errno_from_nt_status(status); } if (cli_is_dos_error(cli)) { @@ -391,7 +255,7 @@ int cli_errno(struct cli_state *cli) cli_dos_error(cli, &eclass, &ecode); status = dos_to_ntstatus(eclass, ecode); - return cli_errno_from_nt(status); + return map_errno_from_nt_status(status); } /* diff --git a/source3/libsmb/cliquota.c b/source3/libsmb/cliquota.c index f369d28dff..dcdfec241d 100644 --- a/source3/libsmb/cliquota.c +++ b/source3/libsmb/cliquota.c @@ -2,17 +2,17 @@ Unix SMB/CIFS implementation. client quota functions Copyright (C) Stefan (metze) Metzmacher 2003 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -25,7 +25,7 @@ bool cli_get_quota_handle(struct cli_state *cli, int *quota_fnum) 0x00000016, DESIRED_ACCESS_PIPE, 0x00000000, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x00000000, 0x03); - + if (*quota_fnum == (-1)) { return False; } @@ -37,7 +37,7 @@ void free_ntquota_list(SMB_NTQUOTA_LIST **qt_list) { if (!qt_list) return; - + if ((*qt_list)->mem_ctx) talloc_destroy((*qt_list)->mem_ctx); @@ -60,7 +60,7 @@ static bool parse_user_quota_record(const char *rdata, unsigned int rdata_count, if (rdata_count < 40) { return False; } - + /* offset to next quota record. * 4 bytes IVAL(rdata,0) * unused here... @@ -116,7 +116,7 @@ static bool parse_user_quota_record(const char *rdata, unsigned int rdata_count, return False; } #endif /* LARGE_SMB_OFF_T */ - + sid_parse(rdata+40,sid_len,&qt.sid); qt.qtype = SMB_USER_QUOTA_TYPE; @@ -149,13 +149,13 @@ bool cli_get_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC SIVAL(params, 4,0x00000024); SIVAL(params, 8,0x00000000); SIVAL(params,12,0x00000024); - + sid_len = ndr_size_dom_sid(&pqt->sid, 0); data_len = sid_len+8; SIVAL(data, 0, 0x00000000); SIVAL(data, 4, sid_len); sid_linearize(data+8, sid_len, &pqt->sid); - + if (!cli_send_nt_trans(cli, NT_TRANSACT_GET_USER_QUOTA, 0, @@ -204,7 +204,7 @@ bool cli_set_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC unsigned int rparam_count=0, rdata_count=0; unsigned int sid_len; memset(data,'\0',112); - + if (!cli||!pqt) { smb_panic("cli_set_user_quota() called with NULL Pointer!"); } @@ -221,7 +221,7 @@ bool cli_set_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC SBIG_UINT(data,24,pqt->softlim); SBIG_UINT(data,32,pqt->hardlim); sid_linearize(data+40, sid_len, &pqt->sid); - + if (!cli_send_nt_trans(cli, NT_TRANSACT_SET_USER_QUOTA, 0, @@ -278,7 +278,7 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST SIVAL(params, 4,0x00000000); SIVAL(params, 8,0x00000000); SIVAL(params,12,0x00000000); - + if (!cli_send_nt_trans(cli, NT_TRANSACT_GET_USER_QUOTA, 0, @@ -353,7 +353,7 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST DEBUG(1,("Failed to send NT_TRANSACT_GET_USER_QUOTA\n")); goto cleanup; } - + SAFE_FREE(rparam); SAFE_FREE(rdata); if (!cli_receive_nt_trans(cli, @@ -369,7 +369,7 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST } else { ret = True; } - + if (rdata_count == 0) { break; } @@ -389,26 +389,26 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST talloc_destroy(mem_ctx); goto cleanup; } - + if ((tmp_list_ent->quotas=TALLOC_ZERO_P(mem_ctx,SMB_NTQUOTA_STRUCT))==NULL) { DEBUG(0,("TALLOC_ZERO() failed\n")); talloc_destroy(mem_ctx); goto cleanup; } - + memcpy(tmp_list_ent->quotas,&qt,sizeof(qt)); tmp_list_ent->mem_ctx = mem_ctx; - + DLIST_ADD((*pqt_list),tmp_list_ent); } } - + ret = True; cleanup: SAFE_FREE(rparam); SAFE_FREE(rdata); - + return ret; } @@ -427,9 +427,9 @@ bool cli_get_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST } setup = TRANSACT2_QFSINFO; - + SSVAL(param,0,SMB_FS_QUOTA_INFORMATION); - + if (!cli_send_trans(cli, SMBtrans2, NULL, 0, 0, @@ -438,7 +438,7 @@ bool cli_get_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST NULL, 0, 560)) { goto cleanup; } - + if (!cli_receive_trans(cli, SMBtrans2, &rparam, &rparam_count, &rdata, &rdata_count)) { @@ -455,7 +455,7 @@ bool cli_get_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST if (rdata_count < 48) { goto cleanup; } - + /* unknown_1 24 NULL bytes in pdata*/ /* the soft quotas 8 bytes (SMB_BIG_UINT)*/ @@ -541,7 +541,7 @@ bool cli_set_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST data, 48, 0)) { goto cleanup; } - + if (!cli_receive_trans(cli, SMBtrans2, &rparam, &rparam_count, &rdata, &rdata_count)) { @@ -604,7 +604,7 @@ void dump_ntquota(SMB_NTQUOTA_STRUCT *qt, bool _verbose, bool _numeric, void (*_ case SMB_USER_QUOTA_TYPE: { fstring username_str = {0}; - + if (_sidtostring) { _sidtostring(username_str,&qt->sid,_numeric); } else { diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c index 2a445cbd5a..08ab8cad14 100644 --- a/source3/libsmb/dsgetdcname.c +++ b/source3/libsmb/dsgetdcname.c @@ -35,8 +35,7 @@ struct ip_service_name { static NTSTATUS make_dc_info_from_cldap_reply(TALLOC_CTX *mem_ctx, uint32_t flags, struct sockaddr_storage *ss, - uint32_t nt_version, - union nbt_cldap_netlogon *r, + struct NETLOGON_SAM_LOGON_RESPONSE_EX *r, struct netr_DsRGetDCNameInfo **info); /**************************************************************** @@ -186,176 +185,51 @@ static NTSTATUS dsgetdcname_cache_store(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ -#define SET_STRING(x) \ - talloc_strdup(mem_ctx, x); \ - NT_STATUS_HAVE_NO_MEMORY(x); - -static NTSTATUS map_logon29_from_cldap_reply(TALLOC_CTX *mem_ctx, - uint32_t flags, - struct sockaddr_storage *ss, - uint32_t nt_version, - union nbt_cldap_netlogon *r, - struct nbt_cldap_netlogon_29 *p) -{ - char addr[INET6_ADDRSTRLEN]; - - ZERO_STRUCTP(p); - - print_sockaddr(addr, sizeof(addr), ss); - - /* FIXME */ - p->dc_sock_addr_size = 0x10; /* the w32 winsock addr size */ - p->dc_sock_addr.family = 2; /* AF_INET */ - p->dc_sock_addr.pdc_ip = talloc_strdup(mem_ctx, addr); - - switch (nt_version & 0x0000001f) { - case 0: - return NT_STATUS_INVALID_PARAMETER; - case 1: - case 16: - case 17: - p->pdc_name = SET_STRING(r->logon1.pdc_name); - p->domain = SET_STRING(r->logon1.domain_name); - - if (flags & DS_PDC_REQUIRED) { - p->server_type = NBT_SERVER_WRITABLE | - NBT_SERVER_PDC; - } - break; - case 2: - case 3: - case 18: - case 19: - p->pdc_name = SET_STRING(r->logon3.pdc_name); - p->domain = SET_STRING(r->logon3.domain_name); - p->pdc_dns_name = SET_STRING(r->logon3.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon3.dns_domain); - p->server_type = r->logon3.server_type; - p->forest = SET_STRING(r->logon3.forest); - p->domain_uuid = r->logon3.domain_uuid; - - break; - case 4: - case 5: - case 6: - case 7: - p->pdc_name = SET_STRING(r->logon5.pdc_name); - p->domain = SET_STRING(r->logon5.domain); - p->pdc_dns_name = SET_STRING(r->logon5.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon5.dns_domain); - p->server_type = r->logon5.server_type; - p->forest = SET_STRING(r->logon5.forest); - p->domain_uuid = r->logon5.domain_uuid; - p->server_site = SET_STRING(r->logon5.server_site); - p->client_site = SET_STRING(r->logon5.client_site); - - break; - case 8: - case 9: - case 10: - case 11: - case 12: - case 13: - case 14: - case 15: - p->pdc_name = SET_STRING(r->logon13.pdc_name); - p->domain = SET_STRING(r->logon13.domain); - p->pdc_dns_name = SET_STRING(r->logon13.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon13.dns_domain); - p->server_type = r->logon13.server_type; - p->forest = SET_STRING(r->logon13.forest); - p->domain_uuid = r->logon13.domain_uuid; - p->server_site = SET_STRING(r->logon13.server_site); - p->client_site = SET_STRING(r->logon13.client_site); - - break; - case 20: - case 21: - case 22: - case 23: - case 24: - case 25: - case 26: - case 27: - case 28: - p->pdc_name = SET_STRING(r->logon15.pdc_name); - p->domain = SET_STRING(r->logon15.domain); - p->pdc_dns_name = SET_STRING(r->logon15.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon15.dns_domain); - p->server_type = r->logon15.server_type; - p->forest = SET_STRING(r->logon15.forest); - p->domain_uuid = r->logon15.domain_uuid; - p->server_site = SET_STRING(r->logon15.server_site); - p->client_site = SET_STRING(r->logon15.client_site); - - break; - case 29: - case 30: - case 31: - p->pdc_name = SET_STRING(r->logon29.pdc_name); - p->domain = SET_STRING(r->logon29.domain); - p->pdc_dns_name = SET_STRING(r->logon29.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon29.dns_domain); - p->server_type = r->logon29.server_type; - p->forest = SET_STRING(r->logon29.forest); - p->domain_uuid = r->logon29.domain_uuid; - p->server_site = SET_STRING(r->logon29.server_site); - p->client_site = SET_STRING(r->logon29.client_site); - p->next_closest_site = SET_STRING(r->logon29.next_closest_site); - - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - return NT_STATUS_OK; -} - -/**************************************************************** -****************************************************************/ - static NTSTATUS store_cldap_reply(TALLOC_CTX *mem_ctx, uint32_t flags, struct sockaddr_storage *ss, uint32_t nt_version, - union nbt_cldap_netlogon *r) + struct NETLOGON_SAM_LOGON_RESPONSE_EX *r) { DATA_BLOB blob; enum ndr_err_code ndr_err; NTSTATUS status; - struct nbt_cldap_netlogon_29 logon29; + char addr[INET6_ADDRSTRLEN]; - status = map_logon29_from_cldap_reply(mem_ctx, flags, ss, - nt_version, r, &logon29); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + print_sockaddr(addr, sizeof(addr), ss); + + /* FIXME */ + r->sockaddr_size = 0x10; /* the w32 winsock addr size */ + r->sockaddr.sockaddr_family = 2; /* AF_INET */ + r->sockaddr.pdc_ip = talloc_strdup(mem_ctx, addr); - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, &logon29, - (ndr_push_flags_fn_t)ndr_push_nbt_cldap_netlogon_29); + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, r, + (ndr_push_flags_fn_t)ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return ndr_map_error2ntstatus(ndr_err); } - if (logon29.domain) { - status = dsgetdcname_cache_store(mem_ctx, logon29.domain, &blob); + if (r->domain) { + status = dsgetdcname_cache_store(mem_ctx, r->domain, &blob); if (!NT_STATUS_IS_OK(status)) { goto done; } - if (logon29.client_site) { - sitename_store(logon29.domain, logon29.client_site); + if (r->client_site) { + sitename_store(r->domain, r->client_site); } } - if (logon29.dns_domain) { - status = dsgetdcname_cache_store(mem_ctx, logon29.dns_domain, &blob); + if (r->dns_domain) { + status = dsgetdcname_cache_store(mem_ctx, r->dns_domain, &blob); if (!NT_STATUS_IS_OK(status)) { goto done; } - if (logon29.client_site) { - sitename_store(logon29.dns_domain, logon29.client_site); + if (r->client_site) { + sitename_store(r->dns_domain, r->client_site); } } + status = NT_STATUS_OK; + done: data_blob_free(&blob); @@ -387,7 +261,7 @@ static NTSTATUS dsgetdcname_cache_refresh(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ -static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, +static uint32_t get_cldap_reply_server_flags(struct netlogon_samlogon_response *r, uint32_t nt_version) { switch (nt_version & 0x0000001f) { @@ -400,12 +274,12 @@ static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, case 3: case 18: case 19: - return r->logon3.server_type; + return r->data.nt5.server_type; case 4: case 5: case 6: case 7: - return r->logon5.server_type; + return r->data.nt5_ex.server_type; case 8: case 9: case 10: @@ -414,7 +288,7 @@ static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, case 13: case 14: case 15: - return r->logon13.server_type; + return r->data.nt5_ex.server_type; case 20: case 21: case 22: @@ -424,11 +298,11 @@ static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, case 26: case 27: case 28: - return r->logon15.server_type; + return r->data.nt5_ex.server_type; case 29: case 30: case 31: - return r->logon29.server_type; + return r->data.nt5_ex.server_type; default: return 0; } @@ -486,8 +360,7 @@ static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, DATA_BLOB blob; enum ndr_err_code ndr_err; struct netr_DsRGetDCNameInfo *info; - union nbt_cldap_netlogon p; - struct nbt_cldap_netlogon_29 r; + struct NETLOGON_SAM_LOGON_RESPONSE_EX r; NTSTATUS status; if (!gencache_init()) { @@ -508,8 +381,8 @@ static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon_29); + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &r, + (ndr_pull_flags_fn_t)ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX); data_blob_free(&blob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -517,11 +390,8 @@ static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, return ndr_map_error2ntstatus(ndr_err); } - p.logon29 = r; - status = make_dc_info_from_cldap_reply(mem_ctx, flags, NULL, - 29, - &p, &info); + &r, &info); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -916,8 +786,7 @@ static void map_dc_and_domain_names(uint32_t flags, static NTSTATUS make_dc_info_from_cldap_reply(TALLOC_CTX *mem_ctx, uint32_t flags, struct sockaddr_storage *ss, - uint32_t nt_version, - union nbt_cldap_netlogon *r, + struct NETLOGON_SAM_LOGON_RESPONSE_EX *r, struct netr_DsRGetDCNameInfo **info) { const char *dc_hostname = NULL; @@ -938,163 +807,28 @@ static NTSTATUS make_dc_info_from_cldap_reply(TALLOC_CTX *mem_ctx, dc_address_type = DS_ADDRESS_TYPE_INET; } - switch (nt_version & 0x0000001f) { - case 0: - case 1: - case 16: - case 17: - if (!ss) { - dc_address = r->logon1.pdc_name; - dc_address_type = DS_ADDRESS_TYPE_NETBIOS; - } - - map_dc_and_domain_names(flags, - r->logon1.pdc_name, - r->logon1.domain_name, - NULL, - NULL, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - if (flags & DS_PDC_REQUIRED) { - dc_flags = NBT_SERVER_WRITABLE | NBT_SERVER_PDC; - } - break; - case 2: - case 3: - case 18: - case 19: - if (!ss) { - dc_address = r->logon3.pdc_ip; - dc_address_type = DS_ADDRESS_TYPE_INET; - } - - map_dc_and_domain_names(flags, - r->logon3.pdc_name, - r->logon3.domain_name, - r->logon3.pdc_dns_name, - r->logon3.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon3.server_type; - dc_forest = r->logon3.forest; - dc_domain_guid = &r->logon3.domain_uuid; - - break; - case 4: - case 5: - case 6: - case 7: - if (!ss) { - dc_address = r->logon5.pdc_name; - dc_address_type = DS_ADDRESS_TYPE_NETBIOS; - } - - map_dc_and_domain_names(flags, - r->logon5.pdc_name, - r->logon5.domain, - r->logon5.pdc_dns_name, - r->logon5.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon5.server_type; - dc_forest = r->logon5.forest; - dc_domain_guid = &r->logon5.domain_uuid; - dc_server_site = r->logon5.server_site; - dc_client_site = r->logon5.client_site; - - break; - case 8: - case 9: - case 10: - case 11: - case 12: - case 13: - case 14: - case 15: - if (!ss) { - dc_address = r->logon13.dc_sock_addr.pdc_ip; - dc_address_type = DS_ADDRESS_TYPE_INET; - } - - map_dc_and_domain_names(flags, - r->logon13.pdc_name, - r->logon13.domain, - r->logon13.pdc_dns_name, - r->logon13.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon13.server_type; - dc_forest = r->logon13.forest; - dc_domain_guid = &r->logon13.domain_uuid; - dc_server_site = r->logon13.server_site; - dc_client_site = r->logon13.client_site; - - break; - case 20: - case 21: - case 22: - case 23: - case 24: - case 25: - case 26: - case 27: - case 28: - if (!ss) { - dc_address = r->logon15.pdc_name; - dc_address_type = DS_ADDRESS_TYPE_NETBIOS; - } + if (!ss && r->sockaddr.pdc_ip) { + dc_address = r->sockaddr.pdc_ip; + dc_address_type = DS_ADDRESS_TYPE_INET; + } else { + dc_address = r->pdc_name; + dc_address_type = DS_ADDRESS_TYPE_NETBIOS; + } - map_dc_and_domain_names(flags, - r->logon15.pdc_name, - r->logon15.domain, - r->logon15.pdc_dns_name, - r->logon15.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon15.server_type; - dc_forest = r->logon15.forest; - dc_domain_guid = &r->logon15.domain_uuid; - dc_server_site = r->logon15.server_site; - dc_client_site = r->logon15.client_site; - - break; - case 29: - case 30: - case 31: - if (!ss) { - dc_address = r->logon29.dc_sock_addr.pdc_ip; - dc_address_type = DS_ADDRESS_TYPE_INET; - } + map_dc_and_domain_names(flags, + r->pdc_name, + r->domain, + r->pdc_dns_name, + r->dns_domain, + &dc_flags, + &dc_hostname, + &dc_domain_name); - map_dc_and_domain_names(flags, - r->logon29.pdc_name, - r->logon29.domain, - r->logon29.pdc_dns_name, - r->logon29.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon29.server_type; - dc_forest = r->logon29.forest; - dc_domain_guid = &r->logon29.domain_uuid; - dc_server_site = r->logon29.server_site; - dc_client_site = r->logon29.client_site; - - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } + dc_flags |= r->server_type; + dc_forest = r->forest; + dc_domain_guid = &r->domain_uuid; + dc_server_site = r->server_site; + dc_client_site = r->client_site; return make_domain_controller_info(mem_ctx, dc_hostname, @@ -1117,19 +851,19 @@ static uint32_t map_ds_flags_to_nt_version(uint32_t flags) uint32_t nt_version = 0; if (flags & DS_PDC_REQUIRED) { - nt_version |= NETLOGON_VERSION_PDC; + nt_version |= NETLOGON_NT_VERSION_PDC; } if (flags & DS_GC_SERVER_REQUIRED) { - nt_version |= NETLOGON_VERSION_GC; + nt_version |= NETLOGON_NT_VERSION_GC; } if (flags & DS_TRY_NEXTCLOSEST_SITE) { - nt_version |= NETLOGON_VERSION_WITH_CLOSEST_SITE; + nt_version |= NETLOGON_NT_VERSION_WITH_CLOSEST_SITE; } if (flags & DS_IP_REQUIRED) { - nt_version |= NETLOGON_VERSION_IP; + nt_version |= NETLOGON_NT_VERSION_IP; } return nt_version; @@ -1147,9 +881,9 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, { int i = 0; bool valid_dc = false; - union nbt_cldap_netlogon *r = NULL; - uint32_t nt_version = NETLOGON_VERSION_5 | - NETLOGON_VERSION_5EX; + struct netlogon_samlogon_response *r = NULL; + uint32_t nt_version = NETLOGON_NT_VERSION_5 | + NETLOGON_NT_VERSION_5EX; uint32_t ret_flags = 0; NTSTATUS status; @@ -1161,9 +895,10 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, if (ads_cldap_netlogon(mem_ctx, dclist[i].hostname, domain_name, - &nt_version, + nt_version, &r)) { + nt_version = r->ntver; ret_flags = get_cldap_reply_server_flags(r, nt_version); if (check_cldap_reply_required_flags(ret_flags, flags)) { @@ -1180,10 +915,10 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, } status = make_dc_info_from_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r, info); + &r->data.nt5_ex, info); if (NT_STATUS_IS_OK(status)) { return store_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r); + nt_version, &r->data.nt5_ex); } return status; @@ -1234,11 +969,11 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, int i; const char *dc_name = NULL; fstring tmp_dc_name; - union nbt_cldap_netlogon *r = NULL; + struct netlogon_samlogon_response *r = NULL; bool store_cache = false; - uint32_t nt_version = NETLOGON_VERSION_1 | - NETLOGON_VERSION_5 | - NETLOGON_VERSION_5EX_WITH_IP; + uint32_t nt_version = NETLOGON_NT_VERSION_1 | + NETLOGON_NT_VERSION_5 | + NETLOGON_NT_VERSION_5EX_WITH_IP; if (!msg_ctx) { msg_ctx = msg_context(mem_ctx); @@ -1288,21 +1023,22 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, &dclist[i].ss, tmp_dc_name)) { - struct nbt_cldap_netlogon_1 logon1; + struct NETLOGON_SAM_LOGON_RESPONSE_NT40 logon1; - r = TALLOC_ZERO_P(mem_ctx, union nbt_cldap_netlogon); + r = TALLOC_ZERO_P(mem_ctx, struct netlogon_samlogon_response); NT_STATUS_HAVE_NO_MEMORY(r); ZERO_STRUCT(logon1); - nt_version = NETLOGON_VERSION_1; + nt_version = NETLOGON_NT_VERSION_1; logon1.nt_version = nt_version; - logon1.pdc_name = tmp_dc_name; - logon1.domain_name = talloc_strdup_upper(mem_ctx, domain_name); - NT_STATUS_HAVE_NO_MEMORY(logon1.domain_name); + logon1.server = tmp_dc_name; + logon1.domain = talloc_strdup_upper(mem_ctx, domain_name); + NT_STATUS_HAVE_NO_MEMORY(logon1.domain); - r->logon1 = logon1; + r->data.nt4 = logon1; + r->ntver = nt_version; namecache_store(tmp_dc_name, NBT_NAME_SERVER, 1, &ip_list); @@ -1315,10 +1051,10 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, make_reply: status = make_dc_info_from_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r, info); + &r->data.nt5_ex, info); if (NT_STATUS_IS_OK(status) && store_cache) { return store_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r); + nt_version, &r->data.nt5_ex); } return status; diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index f1b3d1415e..ea2c46953c 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -266,7 +266,7 @@ parse_ace(struct cli_state *ipc_cli, unsigned int aflags; unsigned int amask; DOM_SID sid; - SEC_ACCESS mask; + uint32_t mask; const struct perm_value *v; struct perm_value { const char *perm; diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c index 8413c8066b..1abdf61b7f 100644 --- a/source3/libsmb/ntlmssp_sign.c +++ b/source3/libsmb/ntlmssp_sign.c @@ -117,7 +117,7 @@ static NTSTATUS ntlmssp_make_packet_signature(NTLMSSP_STATE *ntlmssp_state, } else { uint32 crc; - crc = crc32_calc_buffer((const char *)data, length); + crc = crc32_calc_buffer(data, length); if (!msrpc_gen(sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, ntlmssp_state->ntlmv1_seq_num)) { return NT_STATUS_NO_MEMORY; } @@ -265,7 +265,7 @@ NTSTATUS ntlmssp_seal_packet(NTLMSSP_STATE *ntlmssp_state, } } else { uint32 crc; - crc = crc32_calc_buffer((const char *)data, length); + crc = crc32_calc_buffer(data, length); if (!msrpc_gen(sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, ntlmssp_state->ntlmv1_seq_num)) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c index 4abe5bb6de..af4986fa9d 100644 --- a/source3/libsmb/samlogon_cache.c +++ b/source3/libsmb/samlogon_cache.c @@ -141,7 +141,7 @@ bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3) NDR_PRINT_DEBUG(netsamlogoncache_entry, &r); } - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, &r, + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, &r, (ndr_push_flags_fn_t)ndr_push_netsamlogoncache_entry); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(0,("netsamlogon_cache_store: failed to push entry to cache\n")); @@ -197,7 +197,7 @@ struct netr_SamInfo3 *netsamlogon_cache_get(TALLOC_CTX *mem_ctx, const DOM_SID * blob = data_blob_const(data.dptr, data.dsize); - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &r, (ndr_pull_flags_fn_t)ndr_pull_netsamlogoncache_entry); if (DEBUGLEVEL >= 10) { diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 0742976635..05fd808a32 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -847,7 +847,7 @@ DATA_BLOB decrypt_drsuapi_blob(TALLOC_CTX *mem_ctx, * of the remaining bytes */ crc32_given = IVAL(dec_buffer.data, 0); - crc32_calc = crc32_calc_buffer((const char *)dec_buffer.data + 4 , dec_buffer.length - 4); + crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4); if (crc32_given != crc32_calc) { DEBUG(1,("CRC32: given[0x%08X] calc[0x%08X]\n", crc32_given, crc32_calc)); diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index 08a49930b4..2f336f14e6 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -22,104 +22,6 @@ /********************************************************* Change the domain password on the PDC. - - Just changes the password betwen the two values specified. - - Caller must have the cli connected to the netlogon pipe - already. -**********************************************************/ - -static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - const unsigned char orig_trust_passwd_hash[16], - const char *new_trust_pwd_cleartext, - const unsigned char new_trust_passwd_hash[16], - uint32 sec_channel_type) -{ - NTSTATUS result; - uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; - - result = rpccli_netlogon_setup_creds(cli, - cli->desthost, /* server name */ - lp_workgroup(), /* domain */ - global_myname(), /* client name */ - global_myname(), /* machine account name */ - orig_trust_passwd_hash, - sec_channel_type, - &neg_flags); - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(3,("just_change_the_password: unable to setup creds (%s)!\n", - nt_errstr(result))); - return result; - } - - if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) { - - struct netr_Authenticator clnt_creds, srv_cred; - struct netr_CryptPassword new_password; - struct samr_CryptPassword password_buf; - - netlogon_creds_client_step(cli->dc, &clnt_creds); - - encode_pw_buffer(password_buf.data, new_trust_pwd_cleartext, STR_UNICODE); - - SamOEMhash(password_buf.data, cli->dc->sess_key, 516); - memcpy(new_password.data, password_buf.data, 512); - new_password.length = IVAL(password_buf.data, 512); - - result = rpccli_netr_ServerPasswordSet2(cli, mem_ctx, - cli->dc->remote_machine, - cli->dc->mach_acct, - sec_channel_type, - global_myname(), - &clnt_creds, - &srv_cred, - &new_password); - - /* Always check returned credentials. */ - if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { - DEBUG(0,("rpccli_netr_ServerPasswordSet2: " - "credentials chain check failed\n")); - return NT_STATUS_ACCESS_DENIED; - } - - } else { - - struct netr_Authenticator clnt_creds, srv_cred; - struct samr_Password new_password; - - netlogon_creds_client_step(cli->dc, &clnt_creds); - - cred_hash3(new_password.hash, - new_trust_passwd_hash, - cli->dc->sess_key, 1); - - result = rpccli_netr_ServerPasswordSet(cli, mem_ctx, - cli->dc->remote_machine, - cli->dc->mach_acct, - sec_channel_type, - global_myname(), - &clnt_creds, - &srv_cred, - &new_password); - - /* Always check returned credentials. */ - if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { - DEBUG(0,("rpccli_netr_ServerPasswordSet: " - "credentials chain check failed\n")); - return NT_STATUS_ACCESS_DENIED; - } - } - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(0,("just_change_the_password: unable to change password (%s)!\n", - nt_errstr(result))); - } - return result; -} - -/********************************************************* - Change the domain password on the PDC. Store the password ourselves, but use the supplied password Caller must have already setup the connection to the NETLOGON pipe **********************************************************/ @@ -144,11 +46,11 @@ NTSTATUS trust_pw_change_and_store_it(struct rpc_pipe_client *cli, TALLOC_CTX *m E_md4hash(new_trust_passwd, new_trust_passwd_hash); - nt_status = just_change_the_password(cli, mem_ctx, - orig_trust_passwd_hash, - new_trust_passwd, - new_trust_passwd_hash, - sec_channel_type); + nt_status = rpccli_netlogon_set_trust_password(cli, mem_ctx, + orig_trust_passwd_hash, + new_trust_passwd, + new_trust_passwd_hash, + sec_channel_type); if (NT_STATUS_IS_OK(nt_status)) { DEBUG(3,("%s : trust_pw_change_and_store_it: Changed password.\n", diff --git a/source3/m4/check_path.m4 b/source3/m4/check_path.m4 index 7aa8c213e0..40a97d3674 100644 --- a/source3/m4/check_path.m4 +++ b/source3/m4/check_path.m4 @@ -18,6 +18,7 @@ AC_PREFIX_DEFAULT(/usr/local/samba) rootsbindir="\${SBINDIR}" lockdir="\${VARDIR}/locks" piddir="\${VARDIR}/locks" +ncalrpcdir="\${VARDIR}/ncalrpc" test "${mandir}" || mandir="\${prefix}/man" logfilebase="\${VARDIR}" privatedir="\${prefix}/private" @@ -46,6 +47,7 @@ AC_ARG_WITH(fhs, codepagedir="\${MODULESDIR}" statedir="\${VARDIR}/lib/samba" cachedir="\${VARDIR}/lib/samba" + ncalrpcdir="\${VARDIR}/ncalrpc" AC_DEFINE(FHS_COMPATIBLE, 1, [Whether to use fully FHS-compatible paths]) ;; esac]) @@ -115,6 +117,22 @@ AC_ARG_WITH(piddir, esac]) ################################################# +# set ncalrpc directory location +AC_ARG_WITH(ncalprcdir, +[AS_HELP_STRING([--with-ncalprcdir=DIR], [Where to put ncalrpc sockets ($ac_default_prefix/var/ncalrpc)])], +[ case "$withval" in + yes|no) + # + # Just in case anybody calls it without argument + # + AC_MSG_WARN([--with-ncalrpcdir called without argument - will use default]) + ;; + * ) + ncalrpcdir="$withval" + ;; + esac]) + +################################################# # set SWAT directory location AC_ARG_WITH(swatdir, [AS_HELP_STRING([--with-swatdir=DIR], [Where to put SWAT files ($ac_default_prefix/swat)])], @@ -227,6 +245,7 @@ AC_ARG_WITH(mandir, AC_SUBST(configdir) AC_SUBST(lockdir) AC_SUBST(piddir) +AC_SUBST(ncalrpcdir) AC_SUBST(logfilebase) AC_SUBST(ctdbdir) AC_SUBST(privatedir) diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 9e28db8b39..f411176590 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -44,10 +44,6 @@ typedef struct _SMB_ACL4_INT_T SMB_ACE4_INT_T *last; } SMB_ACL4_INT_T; -extern int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid); -extern NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, - uint32 security_info_sent, SEC_DESC *psd); - static SMB_ACL4_INT_T *get_validated_aclint(SMB4ACL_T *acl) { SMB_ACL4_INT_T *aclint = (SMB_ACL4_INT_T *)acl; @@ -225,7 +221,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *acl, /* in */ } for (aceint=aclint->first; aceint!=NULL; aceint=(SMB_ACE4_INT_T *)aceint->next) { - SEC_ACCESS mask; + uint32_t mask; DOM_SID sid; SMB_ACE4PROP_T *ace = &aceint->prop; @@ -260,7 +256,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *acl, /* in */ DEBUG(10, ("mapped %d to %s\n", ace->who.id, sid_string_dbg(&sid))); - init_sec_access(&mask, ace->aceMask); + mask = ace->aceMask; init_sec_ace(&nt_ace_list[good_aces++], &sid, ace->aceType, mask, ace->aceFlags & 0xf); @@ -518,7 +514,7 @@ static bool smbacl4_fill_ace4( smbacl4_vfs_params *params, uid_t ownerUID, gid_t ownerGID, - SEC_ACE *ace_nt, /* input */ + const SEC_ACE *ace_nt, /* input */ SMB_ACE4PROP_T *ace_v4 /* output */ ) { @@ -650,7 +646,7 @@ static int smbacl4_MergeIgnoreReject( static SMB4ACL_T *smbacl4_win2nfs4( const char *filename, - SEC_ACL *dacl, + const SEC_ACL *dacl, smbacl4_vfs_params *pparams, uid_t ownerUID, gid_t ownerGID @@ -694,7 +690,7 @@ static SMB4ACL_T *smbacl4_win2nfs4( NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp, uint32 security_info_sent, - SEC_DESC *psd, + const SEC_DESC *psd, set_nfs4acl_native_fn_t set_nfs4_native) { smbacl4_vfs_params params; diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c index fd59310755..241751c6a6 100644 --- a/source3/modules/vfs_acl_xattr.c +++ b/source3/modules/vfs_acl_xattr.c @@ -38,7 +38,7 @@ static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob, size_t sd_size; struct timespec ts; - ndr_err = ndr_pull_struct_blob(pblob, ctx, &xacl, + ndr_err = ndr_pull_struct_blob(pblob, ctx, NULL, &xacl, (ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -89,7 +89,7 @@ static NTSTATUS get_acl_blob(TALLOC_CTX *ctx, uint8_t *val = NULL; uint8_t *tmp; ssize_t sizeret; - int saved_errno; + int saved_errno = 0; ZERO_STRUCTP(pblob); @@ -133,26 +133,6 @@ static NTSTATUS get_acl_blob(TALLOC_CTX *ctx, return NT_STATUS_OK; } -static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t mode) -{ - return SMB_VFS_NEXT_MKDIR(handle, path, mode); -} - -static int rmdir_acl_xattr(vfs_handle_struct *handle, const char *path) -{ - return SMB_VFS_NEXT_RMDIR(handle, path); -} - -static int open_acl_xattr(vfs_handle_struct *handle, const char *fname, files_struct *fsp, int flags, mode_t mode) -{ - return SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode); -} - -static int unlink_acl_xattr(vfs_handle_struct *handle, const char *fname) -{ - return SMB_VFS_NEXT_UNLINK(handle, fname); -} - static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle, files_struct *fsp, const char *name, @@ -198,6 +178,42 @@ static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle, return status; } +static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t mode) +{ + return SMB_VFS_NEXT_MKDIR(handle, path, mode); +} + +/********************************************************************* + * Currently this only works for existing files. Need to work on + * inheritance for new files. +*********************************************************************/ + +static int open_acl_xattr(vfs_handle_struct *handle, const char *fname, files_struct *fsp, int flags, mode_t mode) +{ + uint32_t access_granted = 0; + SEC_DESC *pdesc = NULL; + NTSTATUS status = get_nt_acl_xattr_internal(handle, + NULL, + fname, + (OWNER_SECURITY_INFORMATION | + GROUP_SECURITY_INFORMATION | + DACL_SECURITY_INFORMATION), + &pdesc); + if (NT_STATUS_IS_OK(status)) { + /* See if we can access it. */ + if (!se_access_check(pdesc, + handle->conn->server_info->ptok, + fsp->access_mask, + &access_granted, + &status)) { + errno = map_errno_from_nt_status(status); + return -1; + } + } + + return SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode); +} + static NTSTATUS fget_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc) { @@ -222,7 +238,7 @@ static NTSTATUS get_nt_acl_xattr(vfs_handle_struct *handle, security_info, ppdesc); } -static NTSTATUS create_acl_blob(SEC_DESC *psd, DATA_BLOB *pblob) +static NTSTATUS create_acl_blob(const SEC_DESC *psd, DATA_BLOB *pblob) { struct xattr_NTACL xacl; struct security_descriptor_timestamp sd_ts; @@ -241,11 +257,11 @@ static NTSTATUS create_acl_blob(SEC_DESC *psd, DATA_BLOB *pblob) xacl.version = 2; xacl.info.sd_ts = &sd_ts; - xacl.info.sd_ts->sd = psd; + xacl.info.sd_ts->sd = CONST_DISCARD(SEC_DESC *, psd); unix_timespec_to_nt_time(&xacl.info.sd_ts->last_changed, curr); ndr_err = ndr_push_struct_blob( - pblob, ctx, &xacl, + pblob, ctx, NULL, &xacl, (ndr_push_flags_fn_t)ndr_push_xattr_NTACL); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -261,7 +277,7 @@ static NTSTATUS store_acl_blob(files_struct *fsp, DATA_BLOB *pblob) { int ret; - int saved_errno; + int saved_errno = 0; DEBUG(10,("store_acl_blob: storing blob length %u on file %s\n", (unsigned int)pblob->length, fsp->fsp_name)); @@ -291,7 +307,7 @@ static NTSTATUS store_acl_blob(files_struct *fsp, } static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, SEC_DESC *psd) + uint32 security_info_sent, const SEC_DESC *psd) { NTSTATUS status; DATA_BLOB blob; @@ -301,6 +317,22 @@ static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp, return status; } + if ((security_info_sent & DACL_SECURITY_INFORMATION) && + psd->dacl != NULL && + (psd->type & (SE_DESC_DACL_AUTO_INHERITED| + SE_DESC_DACL_AUTO_INHERIT_REQ))== + (SE_DESC_DACL_AUTO_INHERITED| + SE_DESC_DACL_AUTO_INHERIT_REQ) ) { + SEC_DESC *new_psd = NULL; + status = append_parent_acl(fsp, psd, &new_psd); + if (!NT_STATUS_IS_OK(status)) { + /* Lower level acl set succeeded, + * so still return OK. */ + return NT_STATUS_OK; + } + psd = new_psd; + } + create_acl_blob(psd, &blob); store_acl_blob(fsp, &blob); @@ -312,9 +344,7 @@ static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp, static vfs_op_tuple skel_op_tuples[] = { {SMB_VFS_OP(mkdir_acl_xattr), SMB_VFS_OP_MKDIR, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(rmdir_acl_xattr), SMB_VFS_OP_RMDIR, SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(open_acl_xattr), SMB_VFS_OP_OPEN, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(unlink_acl_xattr),SMB_VFS_OP_UNLINK,SMB_VFS_LAYER_TRANSPARENT}, /* NT File ACL operations */ diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index 9409f3fa20..8c89d2fd9f 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -592,7 +592,6 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, { SEC_ACE *nt_ace_list; DOM_SID owner_sid, group_sid; - SEC_ACCESS mask; SEC_ACL *psa = NULL; int good_aces; size_t sd_size; @@ -616,7 +615,7 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, good_aces = 0; while (afs_ace != NULL) { - uint32 nt_rights; + uint32_t nt_rights; uint8 flag = SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_CONTAINER_INHERIT; @@ -633,9 +632,8 @@ static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl, else nt_rights = afs_to_nt_file_rights(afs_ace->rights); - init_sec_access(&mask, nt_rights); init_sec_ace(&nt_ace_list[good_aces++], &(afs_ace->sid), - SEC_ACE_TYPE_ACCESS_ALLOWED, mask, flag); + SEC_ACE_TYPE_ACCESS_ALLOWED, nt_rights, flag); afs_ace = afs_ace->next; } @@ -717,12 +715,12 @@ static bool mappable_sid(const DOM_SID *sid) static bool nt_to_afs_acl(const char *filename, uint32 security_info_sent, - struct security_descriptor *psd, + const struct security_descriptor *psd, uint32 (*nt_to_afs_rights)(const char *filename, const SEC_ACE *ace), struct afs_acl *afs_acl) { - SEC_ACL *dacl; + const SEC_ACL *dacl; int i; /* Currently we *only* look at the dacl */ @@ -737,7 +735,7 @@ static bool nt_to_afs_acl(const char *filename, dacl = psd->dacl; for (i = 0; i < dacl->num_aces; i++) { - SEC_ACE *ace = &(dacl->aces[i]); + const SEC_ACE *ace = &(dacl->aces[i]); const char *dom_name, *name; enum lsa_SidType name_type; char *p; @@ -887,7 +885,7 @@ static void merge_unknown_aces(struct afs_acl *src, struct afs_acl *dst) static NTSTATUS afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - struct security_descriptor *psd) + const struct security_descriptor *psd) { struct afs_acl old_afs_acl, new_afs_acl; struct afs_acl dir_acl, file_acl; @@ -1040,7 +1038,7 @@ static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle, NTSTATUS afsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - SEC_DESC *psd) + const SEC_DESC *psd) { return afs_set_nt_acl(handle, fsp, security_info_sent, psd); } diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c index 23c4d88134..a078b9f9f6 100644 --- a/source3/modules/vfs_aixacl2.c +++ b/source3/modules/vfs_aixacl2.c @@ -371,7 +371,7 @@ static bool aixjfs2_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { acl_type_t acl_type_info; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -395,7 +395,7 @@ static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_inf return result; } -NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd); } diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 381aa18561..372cdf2d53 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1036,7 +1036,7 @@ static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle, return result; } -static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { NTSTATUS result; diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 1224ec3edb..9fadcd9e0c 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -202,7 +202,7 @@ static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, SEC_DESC **ppdesc); static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - SEC_DESC *psd); + const SEC_DESC *psd); static int smb_full_audit_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mode); static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, @@ -1582,7 +1582,7 @@ static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - SEC_DESC *psd) + const SEC_DESC *psd) { NTSTATUS result; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 39d2bb6c38..fa0b4e97a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -179,7 +179,7 @@ static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl) "who: %d\n", gace->aceType, gace->aceIFlags, gace->aceFlags, gace->aceMask, gace->aceWho)); - memset(&smbace, 0, sizeof(SMB4ACE_T)); + ZERO_STRUCT(smbace); if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) { smbace.flags |= SMB_ACE4_ID_SPECIAL; switch (gace->aceWho) { @@ -365,7 +365,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { struct gpfs_acl *acl; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -386,7 +386,7 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i return result; } -static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } @@ -739,7 +739,7 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) if (haveAllowEntry[i]==True) continue; - memset(&ace, 0, sizeof(SMB_ACE4PROP_T)); + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; @@ -761,7 +761,7 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) } /* don't add complementary DENY ACEs here */ - memset(&fake_fsp, 0, sizeof(struct files_struct)); + ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ /* put the acl */ diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c new file mode 100644 index 0000000000..9b4c1b3e25 --- /dev/null +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -0,0 +1,406 @@ +/* + * traffic-analyzer VFS module. Measure the smb traffic users create + * on the net. + * + * Copyright (C) Holger Hetterich, 2008 + * Copyright (C) Jeremy Allison, 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" + +/* abstraction for the send_over_network function */ + +enum sock_type {INTERNET_SOCKET = 0, UNIX_DOMAIN_SOCKET}; + +#define LOCAL_PATHNAME "/var/tmp/stadsocket" + +static int vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; + +static enum sock_type smb_traffic_analyzer_connMode(vfs_handle_struct *handle) +{ + connection_struct *conn = handle->conn; + const char *Mode; + Mode=lp_parm_const_string(SNUM(conn), "smb_traffic_analyzer","mode", \ + "internet_socket"); + if (strstr(Mode,"unix_domain_socket")) { + return UNIX_DOMAIN_SOCKET; + } else { + return INTERNET_SOCKET; + } +} + +/* Connect to an internet socket */ + +static int smb_traffic_analyzer_connect_inet_socket(vfs_handle_struct *handle, + const char *name, uint16_t port) +{ + /* Create a streaming Socket */ + int sockfd = -1; + struct addrinfo hints; + struct addrinfo *ailist = NULL; + struct addrinfo *res = NULL; + int ret; + + ZERO_STRUCT(hints); + /* By default make sure it supports TCP. */ + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_ADDRCONFIG; + + ret = getaddrinfo(name, + NULL, + &hints, + &ailist); + + if (ret) { + DEBUG(3,("smb_traffic_analyzer_connect_inet_socket: " + "getaddrinfo failed for name %s [%s]\n", + name, + gai_strerror(ret) )); + return -1; + } + + DEBUG(3,("smb_traffic_analyzer: Internet socket mode. Hostname: %s," + "Port: %i\n", name, port)); + + for (res = ailist; res; res = res->ai_next) { + struct sockaddr_storage ss; + + if (!res->ai_addr || res->ai_addrlen == 0) { + continue; + } + + ZERO_STRUCT(ss); + memcpy(&ss, res->ai_addr, res->ai_addrlen); + + sockfd = open_socket_out(SOCK_STREAM, &ss, port, 10000); + if (sockfd != -1) { + break; + } + } + + if (ailist) { + freeaddrinfo(ailist); + } + + if (sockfd == -1) { + DEBUG(1, ("smb_traffic_analyzer: unable to create " + "socket, error is %s", + strerror(errno))); + return -1; + } + + return sockfd; +} + +/* Connect to a unix domain socket */ + +static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle, + const char *name) +{ + /* Create the socket to stad */ + int len, sock; + struct sockaddr_un remote; + + DEBUG(7, ("smb_traffic_analyzer_connect_unix_socket: " + "Unix domain socket mode. Using %s\n", + name )); + + if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) { + DEBUG(1, ("smb_traffic_analyzer_connect_unix_socket: " + "Couldn't create socket, " + "make sure stad is running!\n")); + } + remote.sun_family = AF_UNIX; + strlcpy(remote.sun_path, name, + sizeof(remote.sun_path)); + len=strlen(remote.sun_path) + sizeof(remote.sun_family); + if (connect(sock, (struct sockaddr *)&remote, len) == -1 ) { + DEBUG(1, ("smb_traffic_analyzer_connect_unix_socket: " + "Could not connect to " + "socket, make sure\nstad is running!\n")); + close(sock); + return -1; + } + return sock; +} + +/* Private data allowing shared connection sockets. */ + +struct refcounted_sock { + struct refcounted_sock *next, *prev; + char *name; + uint16_t port; + int sock; + unsigned int ref_count; +}; + +/* Send data over a socket */ + +static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, + ssize_t result, + const char *file_name, + bool Write) +{ + struct refcounted_sock *rf_sock = NULL; + struct timeval tv; + time_t tv_sec; + struct tm *tm = NULL; + int seconds; + char *str = NULL; + size_t len; + + SMB_VFS_HANDLE_GET_DATA(handle, rf_sock, struct refcounted_sock, return); + + if (rf_sock == NULL || rf_sock->sock == -1) { + DEBUG(1, ("smb_traffic_analyzer_send_data: socket is " + "closed\n")); + return; + } + + GetTimeOfDay(&tv); + tv_sec = convert_timespec_to_time_t(convert_timeval_to_timespec(tv)); + tm = localtime(&tv_sec); + if (!tm) { + return; + } + seconds=(float) (tv.tv_usec / 1000); + + str = talloc_asprintf(talloc_tos(), + "V1,%u,\"%s\",\"%s\",\"%c\",\"%s\",\"%s\"," + "\"%04d-%02d-%02d %02d:%02d:%02d.%03d\"\n", + (unsigned int)result, + handle->conn->server_info->sanitized_username, + pdb_get_domain(handle->conn->server_info->sam_account), + Write ? 'W' : 'R', + handle->conn->connectpath, + file_name, + tm->tm_year+1900, + tm->tm_mon+1, + tm->tm_mday, + tm->tm_hour, + tm->tm_min, + tm->tm_sec, + (int)seconds); + + if (!str) { + return; + } + + len = strlen(str); + + DEBUG(10, ("smb_traffic_analyzer_send_data_socket: sending %s\n", + str)); + if (write_data(rf_sock->sock, str, len) != len) { + DEBUG(1, ("smb_traffic_analyzer_send_data_socket: " + "error sending data to socket!\n")); + return ; + } +} + +static struct refcounted_sock *sock_list; + +static void smb_traffic_analyzer_free_data(void **pptr) +{ + struct refcounted_sock *rf_sock = *(struct refcounted_sock **)pptr; + if (rf_sock == NULL) { + return; + } + rf_sock->ref_count--; + if (rf_sock->ref_count != 0) { + return; + } + if (rf_sock->sock != -1) { + close(rf_sock->sock); + } + DLIST_REMOVE(sock_list, rf_sock); + TALLOC_FREE(rf_sock); +} + +static int smb_traffic_analyzer_connect(struct vfs_handle_struct *handle, + const char *service, + const char *user) +{ + connection_struct *conn = handle->conn; + enum sock_type st = smb_traffic_analyzer_connMode(handle); + struct refcounted_sock *rf_sock = NULL; + const char *name = (st == UNIX_DOMAIN_SOCKET) ? LOCAL_PATHNAME : + lp_parm_const_string(SNUM(conn), + "smb_traffic_analyzer", + "host", "localhost"); + uint16_t port = (st == UNIX_DOMAIN_SOCKET) ? 0 : + atoi( lp_parm_const_string(SNUM(conn), + "smb_traffic_analyzer", "port", "9430")); + + /* Are we already connected ? */ + for (rf_sock = sock_list; rf_sock; rf_sock = rf_sock->next) { + if (port == rf_sock->port && + (strcmp(name, rf_sock->name) == 0)) { + break; + } + } + + /* If we're connected already, just increase the + * reference count. */ + if (rf_sock) { + rf_sock->ref_count++; + } else { + /* New connection. */ + rf_sock = TALLOC_ZERO_P(NULL, struct refcounted_sock); + if (rf_sock == NULL) { + errno = ENOMEM; + return -1; + } + rf_sock->name = talloc_strdup(rf_sock, name); + if (rf_sock->name == NULL) { + TALLOC_FREE(rf_sock); + errno = ENOMEM; + return -1; + } + rf_sock->port = port; + rf_sock->ref_count = 1; + + if (st == UNIX_DOMAIN_SOCKET) { + rf_sock->sock = smb_traffic_analyzer_connect_unix_socket(handle, + name); + } else { + + rf_sock->sock = smb_traffic_analyzer_connect_inet_socket(handle, + name, + port); + } + if (rf_sock->sock == -1) { + TALLOC_FREE(rf_sock); + return -1; + } + DLIST_ADD(sock_list, rf_sock); + } + + /* Store the private data. */ + SMB_VFS_HANDLE_SET_DATA(handle, rf_sock, smb_traffic_analyzer_free_data, + struct refcounted_sock, return -1); + return SMB_VFS_NEXT_CONNECT(handle, service, user); +} + +/* VFS Functions: write, read, pread, pwrite for now */ + +static ssize_t smb_traffic_analyzer_read(vfs_handle_struct *handle, \ + files_struct *fsp, void *data, size_t n) +{ + ssize_t result; + + result = SMB_VFS_NEXT_READ(handle, fsp, data, n); + DEBUG(10, ("smb_traffic_analyzer_read: READ: %s\n", fsp->fsp_name )); + + smb_traffic_analyzer_send_data(handle, + result, + fsp->fsp_name, + false); + return result; +} + + +static ssize_t smb_traffic_analyzer_pread(vfs_handle_struct *handle, \ + files_struct *fsp, void *data, size_t n, SMB_OFF_T offset) +{ + ssize_t result; + + result = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); + + DEBUG(10, ("smb_traffic_analyzer_pread: PREAD: %s\n", fsp->fsp_name )); + + smb_traffic_analyzer_send_data(handle, + result, + fsp->fsp_name, + false); + + return result; +} + +static ssize_t smb_traffic_analyzer_write(vfs_handle_struct *handle, \ + files_struct *fsp, const void *data, size_t n) +{ + ssize_t result; + + result = SMB_VFS_NEXT_WRITE(handle, fsp, data, n); + + DEBUG(10, ("smb_traffic_analyzer_write: WRITE: %s\n", fsp->fsp_name )); + + smb_traffic_analyzer_send_data(handle, + result, + fsp->fsp_name, + true); + return result; +} + +static ssize_t smb_traffic_analyzer_pwrite(vfs_handle_struct *handle, \ + files_struct *fsp, const void *data, size_t n, SMB_OFF_T offset) +{ + ssize_t result; + + result = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset); + + DEBUG(10, ("smb_traffic_analyzer_pwrite: PWRITE: %s\n", fsp->fsp_name )); + + smb_traffic_analyzer_send_data(handle, + result, + fsp->fsp_name, + true); + return result; +} + +/* VFS operations we use */ + +static vfs_op_tuple smb_traffic_analyzer_tuples[] = { + + {SMB_VFS_OP(smb_traffic_analyzer_connect), SMB_VFS_OP_CONNECT, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_read), SMB_VFS_OP_READ, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_pread), SMB_VFS_OP_PREAD, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_write), SMB_VFS_OP_WRITE, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_pwrite), SMB_VFS_OP_PWRITE, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(NULL),SMB_VFS_OP_NOOP,SMB_VFS_LAYER_NOOP} +}; + +/* Module initialization */ + +NTSTATUS vfs_smb_traffic_analyzer_init(void) +{ + NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION, \ + "smb_traffic_analyzer", smb_traffic_analyzer_tuples); + + if (!NT_STATUS_IS_OK(ret)) { + return ret; + } + + vfs_smb_traffic_analyzer_debug_level = + debug_add_class("smb_traffic_analyzer"); + + if (vfs_smb_traffic_analyzer_debug_level == -1) { + vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; + DEBUG(1, ("smb_traffic_analyzer_init: Couldn't register custom" + "debugging class!\n")); + } else { + DEBUG(3, ("smb_traffic_analyzer_init: Debug class number of" + "'smb_traffic_analyzer': %d\n", \ + vfs_smb_traffic_analyzer_debug_level)); + } + + return ret; +} diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c index 7b5e510747..c707a1828f 100644 --- a/source3/modules/vfs_xattr_tdb.c +++ b/source3/modules/vfs_xattr_tdb.c @@ -48,7 +48,7 @@ static NTSTATUS xattr_tdb_pull_attrs(TALLOC_CTX *mem_ctx, blob = data_blob_const(data->dptr, data->dsize); ndr_err = ndr_pull_struct_blob( - &blob, result, result, + &blob, result, NULL, result, (ndr_pull_flags_fn_t)ndr_pull_tdb_xattrs); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -74,7 +74,7 @@ static NTSTATUS xattr_tdb_push_attrs(TALLOC_CTX *mem_ctx, enum ndr_err_code ndr_err; ndr_err = ndr_push_struct_blob( - &blob, mem_ctx, attribs, + &blob, mem_ctx, NULL, attribs, (ndr_push_flags_fn_t)ndr_push_tdb_xattrs); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index e933e47317..3688b2386e 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -166,7 +166,7 @@ static bool zfs_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) */ static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - struct security_descriptor *psd) + const struct security_descriptor *psd) { return smb_set_nt_acl_nfs4(fsp, security_info_sent, psd, zfs_process_smbacl); @@ -207,7 +207,7 @@ static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle, static NTSTATUS zfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, - SEC_DESC *psd) + const SEC_DESC *psd) { return zfs_set_nt_acl(handle, fsp, security_info_sent, psd); } diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c index 474ae1ca18..814eaf7ca8 100644 --- a/source3/nmbd/nmbd_processlogon.c +++ b/source3/nmbd/nmbd_processlogon.c @@ -178,7 +178,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); break; } - case QUERYFORPDC: + case LOGON_PRIMARY_QUERY: { fstring mach_str, getdc_str; fstring source_name; @@ -253,7 +253,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); /* Construct reply. */ q = outbuf; - SSVAL(q, 0, QUERYFORPDC_R); + SSVAL(q, 0, NETLOGON_RESPONSE_FROM_PDC); q += 2; fstrcpy(reply_name,my_name); @@ -292,7 +292,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); DEBUG(5,("process_logon_packet: GETDC request from %s at IP %s, \ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", mach_str,inet_ntoa(p->ip), reply_name, lp_workgroup(), - QUERYFORPDC_R, (uint32)ntversion, (uint32)lmnttoken, + NETLOGON_RESPONSE_FROM_PDC, (uint32)ntversion, (uint32)lmnttoken, (uint32)lm20token )); dump_data(4, (uint8 *)outbuf, PTR_DIFF(q, outbuf)); @@ -309,7 +309,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", return; } - case SAMLOGON: + case LOGON_SAM_LOGON_REQUEST: { fstring getdc_str; @@ -351,7 +351,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", domainsidsize = IVAL(q, 0); q += 4; - DEBUG(5,("process_logon_packet: SAMLOGON sidsize %d, len = %d\n", domainsidsize, len)); + DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize %d, len = %d\n", domainsidsize, len)); if (domainsidsize < (len - PTR_DIFF(q, buf)) && (domainsidsize != 0)) { q += domainsidsize; @@ -383,7 +383,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", lm20token = SVAL(q, 6); q += 8; - DEBUG(3,("process_logon_packet: SAMLOGON sidsize %d ntv %d\n", domainsidsize, ntversion)); + DEBUG(3,("process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize %d ntv %d\n", domainsidsize, ntversion)); /* * we respond regadless of whether the machine is in our password @@ -392,14 +392,14 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", */ pull_ucs2_fstring(ascuser, uniuser); pull_ucs2_fstring(asccomp, unicomp); - DEBUG(5,("process_logon_packet: SAMLOGON user %s\n", ascuser)); + DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST user %s\n", ascuser)); fstrcpy(reply_name, "\\\\"); /* Here it wants \\LOGONSERVER. */ fstrcat(reply_name, my_name); - DEBUG(5,("process_logon_packet: SAMLOGON request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n", + DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n", asccomp,inet_ntoa(p->ip), ascuser, reply_name, lp_workgroup(), - SAMLOGON_R ,lmnttoken)); + LOGON_SAM_LOGON_RESPONSE ,lmnttoken)); /* Construct reply. */ @@ -408,9 +408,9 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", /* never, at least for now */ if ((ntversion < 11) || (SEC_ADS != lp_security()) || (ROLE_DOMAIN_PDC != lp_server_role())) { if (SVAL(uniuser, 0) == 0) { - SSVAL(q, 0, SAMLOGON_UNK_R); /* user unknown */ + SSVAL(q, 0, LOGON_SAM_LOGON_USER_UNKNOWN); /* user unknown */ } else { - SSVAL(q, 0, SAMLOGON_R); + SSVAL(q, 0, LOGON_SAM_LOGON_RESPONSE); } q += 2; @@ -453,9 +453,9 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", return; } if (SVAL(uniuser, 0) == 0) { - SIVAL(q, 0, SAMLOGON_AD_UNK_R); /* user unknown */ + SIVAL(q, 0, LOGON_SAM_LOGON_USER_UNKNOWN_EX); /* user unknown */ } else { - SIVAL(q, 0, SAMLOGON_AD_R); + SIVAL(q, 0, LOGON_SAM_LOGON_RESPONSE_EX); } q += 4; @@ -684,8 +684,8 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", /* Announce change to UAS or SAM. Send by the domain controller when a replication event is required. */ - case SAM_UAS_CHANGE: - DEBUG(5, ("Got SAM_UAS_CHANGE\n")); + case NETLOGON_ANNOUNCE_UAS: + DEBUG(5, ("Got NETLOGON_ANNOUNCE_UAS\n")); break; default: diff --git a/source3/nsswitch/libwbclient/wbc_guid.c b/source3/nsswitch/libwbclient/wbc_guid.c new file mode 100644 index 0000000000..0cb33e9868 --- /dev/null +++ b/source3/nsswitch/libwbclient/wbc_guid.c @@ -0,0 +1,118 @@ +/* + Unix SMB/CIFS implementation. + + Winbind client API + + Copyright (C) Gerald (Jerry) Carter 2007 + + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 3 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* Required Headers */ + +#include "libwbclient.h" + +/** @brief Convert a binary GUID to a character string + * + * @param guid Binary Guid + * @param **guid_string Resulting character string + * + * @return #wbcErr + **/ + +wbcErr wbcGuidToString(const struct wbcGuid *guid, + char **guid_string) +{ + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + + if (!guid) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + *guid_string = talloc_asprintf(NULL, + "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + guid->time_low, guid->time_mid, + guid->time_hi_and_version, + guid->clock_seq[0], + guid->clock_seq[1], + guid->node[0], guid->node[1], + guid->node[2], guid->node[3], + guid->node[4], guid->node[5]); + BAIL_ON_PTR_ERROR((*guid_string), wbc_status); + + wbc_status = WBC_ERR_SUCCESS; + +done: + return wbc_status; +} + +/** @brief Convert a character string to a binary GUID + * + * @param *str Character string + * @param guid Resulting binary GUID + * + * @return #wbcErr + **/ + +wbcErr wbcStringToGuid(const char *str, + struct wbcGuid *guid) +{ + uint32_t time_low; + uint32_t time_mid, time_hi_and_version; + uint32_t clock_seq[2]; + uint32_t node[6]; + int i; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + + if (!guid) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (!str) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (11 == sscanf(str, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + wbc_status = WBC_ERR_SUCCESS; + } else if (11 == sscanf(str, "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + wbc_status = WBC_ERR_SUCCESS; + } + + BAIL_ON_WBC_ERROR(wbc_status); + + guid->time_low = time_low; + guid->time_mid = time_mid; + guid->time_hi_and_version = time_hi_and_version; + guid->clock_seq[0] = clock_seq[0]; + guid->clock_seq[1] = clock_seq[1]; + + for (i=0;i<6;i++) { + guid->node[i] = node[i]; + } + + wbc_status = WBC_ERR_SUCCESS; + +done: + return wbc_status; +} diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c b/source3/nsswitch/libwbclient/wbc_idmap.c index e32d66cd71..1615fd33ee 100644 --- a/source3/nsswitch/libwbclient/wbc_idmap.c +++ b/source3/nsswitch/libwbclient/wbc_idmap.c @@ -394,7 +394,7 @@ wbcErr wbcSetUidHwm(uid_t uid_hwm) /** @brief Set the highwater mark for allocated gids. * - * @param uid_hwm The new gid highwater mark value + * @param gid_hwm The new gid highwater mark value * * @return #wbcErr **/ diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c index 20b42b6efb..713ba2e65b 100644 --- a/source3/nsswitch/libwbclient/wbc_pam.c +++ b/source3/nsswitch/libwbclient/wbc_pam.c @@ -4,6 +4,7 @@ Winbind client API Copyright (C) Gerald (Jerry) Carter 2007 + Copyright (C) Guenther Deschner 2008 This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -260,6 +261,50 @@ done: return wbc_status; } +static wbcErr wbc_create_logon_info(TALLOC_CTX *mem_ctx, + const struct winbindd_response *resp, + struct wbcLogonUserInfo **_i) +{ + wbcErr wbc_status = WBC_ERR_SUCCESS; + struct wbcLogonUserInfo *i; + + i = talloc_zero(mem_ctx, struct wbcLogonUserInfo); + BAIL_ON_PTR_ERROR(i, wbc_status); + + wbc_status = wbc_create_auth_info(i, resp, &i->info); + BAIL_ON_WBC_ERROR(wbc_status); + + if (resp->data.auth.krb5ccname) { + wbc_status = wbcAddNamedBlob(&i->num_blobs, + &i->blobs, + "krb5ccname", + 0, + (uint8_t *)resp->data.auth.krb5ccname, + strlen(resp->data.auth.krb5ccname)+1); + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (resp->data.auth.unix_username) { + wbc_status = wbcAddNamedBlob(&i->num_blobs, + &i->blobs, + "unix_username", + 0, + (uint8_t *)resp->data.auth.unix_username, + strlen(resp->data.auth.unix_username)+1); + BAIL_ON_WBC_ERROR(wbc_status); + } + + *_i = i; + i = NULL; +done: + if (!WBC_ERROR_IS_OK(wbc_status) && i) { + wbcFreeMemory(i->blobs); + } + + talloc_free(i); + return wbc_status; +} + /** @brief Authenticate with more detailed information * * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH @@ -331,6 +376,7 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, params->account_name, sizeof(request.data.auth.user)-1); } + strncpy(request.data.auth.pass, params->password.plaintext, sizeof(request.data.auth.pass)-1); @@ -416,6 +462,10 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, BAIL_ON_WBC_ERROR(wbc_status); } + if (params->flags) { + request.flags |= params->flags; + } + wbc_status = wbcRequestResponse(cmd, &request, &response); @@ -497,6 +547,101 @@ wbcErr wbcCheckTrustCredentials(const char *domain, return wbc_status; } +/** @brief Trigger an extended logoff notification to Winbind for a specific user + * + * @param params A wbcLogoffUserParams structure + * @param error User output details on error + * + * @return #wbcErr + * + **/ + +wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, + struct wbcAuthErrorInfo **error) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + int i; + + /* validate input */ + + if (!params || !params->username) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if ((params->num_blobs > 0) && (params->blobs == NULL)) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + if ((params->num_blobs == 0) && (params->blobs != NULL)) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + strncpy(request.data.logoff.user, params->username, + sizeof(request.data.logoff.user)-1); + + for (i=0; i<params->num_blobs; i++) { + + if (strcasecmp(params->blobs[i].name, "ccfilename") == 0) { + if (params->blobs[i].blob.data) { + strncpy(request.data.logoff.krb5ccname, + (const char *)params->blobs[i].blob.data, + sizeof(request.data.logoff.krb5ccname) - 1); + } + continue; + } + + if (strcasecmp(params->blobs[i].name, "user_uid") == 0) { + if (params->blobs[i].blob.data) { + memcpy(&request.data.logoff.uid, + params->blobs[i].blob.data, + MIN(params->blobs[i].blob.length, + sizeof(request.data.logoff.uid))); + } + continue; + } + + if (strcasecmp(params->blobs[i].name, "flags") == 0) { + if (params->blobs[i].blob.data) { + memcpy(&request.flags, + params->blobs[i].blob.data, + MIN(params->blobs[i].blob.length, + sizeof(request.flags))); + } + continue; + } + } + + /* Send request */ + + wbc_status = wbcRequestResponse(WINBINDD_PAM_LOGOFF, + &request, + &response); + + /* Take the response above and return it to the caller */ + if (response.data.auth.nt_status != 0) { + if (error) { + wbc_status = wbc_create_error_info(NULL, + &response, + error); + BAIL_ON_WBC_ERROR(wbc_status); + } + + wbc_status = WBC_ERR_AUTH_ERROR; + BAIL_ON_WBC_ERROR(wbc_status); + } + BAIL_ON_WBC_ERROR(wbc_status); + + done: + return wbc_status; +} + /** @brief Trigger a logoff notification to Winbind for a specific user * * @param username Name of user to remove from Winbind's list of @@ -794,3 +939,159 @@ wbcErr wbcChangeUserPassword(const char *username, done: return wbc_status; } + +/** @brief Logon a User + * + * @param[in] params Pointer to a wbcLogonUserParams structure + * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure + * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure + * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure + * + * @return #wbcErr + * + **/ + +wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, + struct wbcLogonUserInfo **info, + struct wbcAuthErrorInfo **error, + struct wbcUserPasswordPolicyInfo **policy) +{ + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + int cmd = 0; + struct winbindd_request request; + struct winbindd_response response; + uint32_t i; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + if (info) { + *info = NULL; + } + if (error) { + *error = NULL; + } + if (policy) { + *policy = NULL; + } + + if (!params) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (!params->username) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if ((params->num_blobs > 0) && (params->blobs == NULL)) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + if ((params->num_blobs == 0) && (params->blobs != NULL)) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + /* Initialize request */ + + cmd = WINBINDD_PAM_AUTH; + request.flags = WBFLAG_PAM_INFO3_TEXT | + WBFLAG_PAM_USER_SESSION_KEY | + WBFLAG_PAM_LMKEY; + + if (!params->password) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + strncpy(request.data.auth.user, + params->username, + sizeof(request.data.auth.user)-1); + + strncpy(request.data.auth.pass, + params->password, + sizeof(request.data.auth.pass)-1); + + for (i=0; i<params->num_blobs; i++) { + + if (strcasecmp(params->blobs[i].name, "krb5_cc_type") == 0) { + if (params->blobs[i].blob.data) { + strncpy(request.data.auth.krb5_cc_type, + (const char *)params->blobs[i].blob.data, + sizeof(request.data.auth.krb5_cc_type) - 1); + } + continue; + } + + if (strcasecmp(params->blobs[i].name, "user_uid") == 0) { + if (params->blobs[i].blob.data) { + memcpy(&request.data.auth.uid, + params->blobs[i].blob.data, + MIN(sizeof(request.data.auth.uid), + params->blobs[i].blob.length)); + } + continue; + } + + if (strcasecmp(params->blobs[i].name, "flags") == 0) { + if (params->blobs[i].blob.data) { + uint32_t flags; + memcpy(&flags, + params->blobs[i].blob.data, + MIN(sizeof(flags), + params->blobs[i].blob.length)); + request.flags |= flags; + } + continue; + } + + if (strcasecmp(params->blobs[i].name, "membership_of") == 0) { + if (params->blobs[i].blob.data && + params->blobs[i].blob.data[0] > 0) { + strncpy(request.data.auth.require_membership_of_sid, + (const char *)params->blobs[i].blob.data, + sizeof(request.data.auth.require_membership_of_sid) - 1); + } + continue; + } + } + + wbc_status = wbcRequestResponse(cmd, + &request, + &response); + + if (response.data.auth.nt_status != 0) { + if (error) { + wbc_status = wbc_create_error_info(NULL, + &response, + error); + BAIL_ON_WBC_ERROR(wbc_status); + } + + wbc_status = WBC_ERR_AUTH_ERROR; + BAIL_ON_WBC_ERROR(wbc_status); + } + BAIL_ON_WBC_ERROR(wbc_status); + + if (info) { + wbc_status = wbc_create_logon_info(NULL, + &response, + info); + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (policy) { + wbc_status = wbc_create_password_policy_info(NULL, + &response, + policy); + BAIL_ON_WBC_ERROR(wbc_status); + } + +done: + if (response.extra_data.data) + free(response.extra_data.data); + + return wbc_status; +} diff --git a/source3/nsswitch/libwbclient/wbc_pwd.c b/source3/nsswitch/libwbclient/wbc_pwd.c index b5f167369c..0d17b312ef 100644 --- a/source3/nsswitch/libwbclient/wbc_pwd.c +++ b/source3/nsswitch/libwbclient/wbc_pwd.c @@ -380,7 +380,7 @@ wbcErr wbcGetgrent(struct group **grp) * * @param *account The given user name * @param *num_groups Number of elements returned in the groups array - * @param **groups Pointer to resulting gid_t array. + * @param **_groups Pointer to resulting gid_t array. * * @return #wbcErr **/ diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c index f4ffa4e5ca..4cfdd792b5 100644 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ b/source3/nsswitch/libwbclient/wbc_sid.c @@ -223,9 +223,9 @@ wbcErr wbcLookupName(const char *domain, /** @brief Convert a SID to a domain and name * * @param *sid Pointer to the domain SID to be resolved - * @param domain Resolved Domain name (possibly "") - * @param name Resolved User or group name - * @param *name_type Pointet to the resolved SID type + * @param pdomain Resolved Domain name (possibly "") + * @param pname Resolved User or group name + * @param *pname_type Pointet to the resolved SID type * * @return #wbcErr * diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c index 24568f9101..b4868748ae 100644 --- a/source3/nsswitch/libwbclient/wbc_util.c +++ b/source3/nsswitch/libwbclient/wbc_util.c @@ -496,7 +496,7 @@ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) /** @brief Enumerate the domain trusts known by Winbind * * @param domain Name of the domain to query for a DC - * @flags Bit flags used to control the domain location query + * @param flags Bit flags used to control the domain location query * @param *dc_info Pointer to the returned domain controller information * * @return #wbcErr @@ -550,3 +550,187 @@ done: return wbc_status; } + +static wbcErr wbc_create_domain_controller_info_ex(TALLOC_CTX *mem_ctx, + const struct winbindd_response *resp, + struct wbcDomainControllerInfoEx **_i) +{ + wbcErr wbc_status = WBC_ERR_SUCCESS; + struct wbcDomainControllerInfoEx *i; + struct wbcGuid guid; + + i = talloc(mem_ctx, struct wbcDomainControllerInfoEx); + BAIL_ON_PTR_ERROR(i, wbc_status); + + i->dc_unc = talloc_strdup(i, resp->data.dsgetdcname.dc_unc); + BAIL_ON_PTR_ERROR(i->dc_unc, wbc_status); + + i->dc_address = talloc_strdup(i, resp->data.dsgetdcname.dc_address); + BAIL_ON_PTR_ERROR(i->dc_address, wbc_status); + + i->dc_address_type = resp->data.dsgetdcname.dc_address_type; + + wbc_status = wbcStringToGuid(resp->data.dsgetdcname.domain_guid, &guid); + if (WBC_ERROR_IS_OK(wbc_status)) { + i->domain_guid = talloc(i, struct wbcGuid); + BAIL_ON_PTR_ERROR(i->domain_guid, wbc_status); + + *i->domain_guid = guid; + } else { + i->domain_guid = NULL; + } + + i->domain_name = talloc_strdup(i, resp->data.dsgetdcname.domain_name); + BAIL_ON_PTR_ERROR(i->domain_name, wbc_status); + + if (resp->data.dsgetdcname.forest_name[0] != '\0') { + i->forest_name = talloc_strdup(i, + resp->data.dsgetdcname.forest_name); + BAIL_ON_PTR_ERROR(i->forest_name, wbc_status); + } else { + i->forest_name = NULL; + } + + i->dc_flags = resp->data.dsgetdcname.dc_flags; + + if (resp->data.dsgetdcname.dc_site_name[0] != '\0') { + i->dc_site_name = talloc_strdup(i, + resp->data.dsgetdcname.dc_site_name); + BAIL_ON_PTR_ERROR(i->dc_site_name, wbc_status); + } else { + i->dc_site_name = NULL; + } + + if (resp->data.dsgetdcname.client_site_name[0] != '\0') { + i->client_site_name = talloc_strdup(i, + resp->data.dsgetdcname.client_site_name); + BAIL_ON_PTR_ERROR(i->client_site_name, wbc_status); + } else { + i->client_site_name = NULL; + } + + *_i = i; + i = NULL; + +done: + talloc_free(i); + return wbc_status; +} + +/** @brief Get extended domain controller information + * + * @param domain Name of the domain to query for a DC + * @param guid Guid of the domain to query for a DC + * @param site Site of the domain to query for a DC + * @param flags Bit flags used to control the domain location query + * @param *dc_info Pointer to the returned extended domain controller information + * + * @return #wbcErr + * + **/ + +wbcErr wbcLookupDomainControllerEx(const char *domain, + struct wbcGuid *guid, + const char *site, + uint32_t flags, + struct wbcDomainControllerInfoEx **dc_info) +{ + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct winbindd_request request; + struct winbindd_response response; + + /* validate input params */ + + if (!domain || !dc_info) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + request.data.dsgetdcname.flags = flags; + + strncpy(request.data.dsgetdcname.domain_name, domain, + sizeof(request.data.dsgetdcname.domain_name)-1); + + if (site) { + strncpy(request.data.dsgetdcname.site_name, site, + sizeof(request.data.dsgetdcname.site_name)-1); + } + + if (guid) { + char *str = NULL; + + wbc_status = wbcGuidToString(guid, &str); + BAIL_ON_WBC_ERROR(wbc_status); + + strncpy(request.data.dsgetdcname.domain_guid, str, + sizeof(request.data.dsgetdcname.domain_guid)-1); + + wbcFreeMemory(str); + } + + /* Send request */ + + wbc_status = wbcRequestResponse(WINBINDD_DSGETDCNAME, + &request, + &response); + BAIL_ON_WBC_ERROR(wbc_status); + + if (dc_info) { + wbc_status = wbc_create_domain_controller_info_ex(NULL, + &response, + dc_info); + BAIL_ON_WBC_ERROR(wbc_status); + } + + wbc_status = WBC_ERR_SUCCESS; +done: + return wbc_status; +} + +/** @brief Initialize a named blob and add to list of blobs + * + * @param[in,out] num_blobs Pointer to the number of blobs + * @param[in,out] blobs Pointer to an array of blobs + * @param[in] name Name of the new named blob + * @param[in] flags Flags of the new named blob + * @param[in] data Blob data of new blob + * @param[in] length Blob data length of new blob + * + * @return #wbcErr + * + **/ + +wbcErr wbcAddNamedBlob(size_t *num_blobs, + struct wbcNamedBlob **blobs, + const char *name, + uint32_t flags, + uint8_t *data, + size_t length) +{ + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcNamedBlob blob; + + *blobs = talloc_realloc(NULL, *blobs, struct wbcNamedBlob, + *(num_blobs)+1); + BAIL_ON_PTR_ERROR(*blobs, wbc_status); + + blob.name = talloc_strdup(*blobs, name); + BAIL_ON_PTR_ERROR(blob.name, wbc_status); + blob.flags = flags; + blob.blob.length = length; + blob.blob.data = (uint8_t *)talloc_memdup(*blobs, data, length); + BAIL_ON_PTR_ERROR(blob.blob.data, wbc_status); + + (*(blobs))[*num_blobs] = blob; + *(num_blobs) += 1; + + wbc_status = WBC_ERR_SUCCESS; +done: + if (!WBC_ERROR_IS_OK(wbc_status) && blobs) { + wbcFreeMemory(*blobs); + } + return wbc_status; +} diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h index cae3feec5b..00a3c98966 100644 --- a/source3/nsswitch/libwbclient/wbclient.h +++ b/source3/nsswitch/libwbclient/wbclient.h @@ -137,6 +137,19 @@ struct wbcSidWithAttr { #define WBC_SID_ATTR_GROUP_LOGON_ID 0xC0000000 /** + * @brief Windows GUID + * + **/ + +struct wbcGuid { + uint32_t time_low; + uint16_t time_mid; + uint16_t time_hi_and_version; + uint8_t clock_seq[2]; + uint8_t node[6]; +}; + +/** * @brief Domain Information **/ @@ -206,6 +219,36 @@ struct wbcAuthUserParams { }; /** + * @brief Generic Blob + **/ + +struct wbcBlob { + uint8_t *data; + size_t length; +}; + +/** + * @brief Named Blob + **/ + +struct wbcNamedBlob { + const char *name; + uint32_t flags; + struct wbcBlob blob; +}; + +/** + * @brief Logon User Parameters + **/ + +struct wbcLogonUserParams { + const char *username; + const char *password; + size_t num_blobs; + struct wbcNamedBlob *blobs; +}; + +/** * @brief ChangePassword Parameters **/ @@ -297,6 +340,18 @@ struct wbcAuthUserInfo { struct wbcSidWithAttr *sids; }; +/** + * @brief Logon User Information + * + * Some of the strings are maybe NULL + **/ + +struct wbcLogonUserInfo { + struct wbcAuthUserInfo *info; + size_t num_blobs; + struct wbcNamedBlob *blobs; +}; + /* wbcAuthUserInfo->user_flags */ #define WBC_AUTH_USER_INFO_GUEST 0x00000001 @@ -372,6 +427,16 @@ enum wbcPasswordChangeRejectReason { WBC_PWD_CHANGE_REJECT_COMPLEXITY=5 }; +/** + * @brief Logoff User Parameters + **/ + +struct wbcLogoffUserParams { + const char *username; + size_t num_blobs; + struct wbcNamedBlob *blobs; +}; + /* * DomainControllerInfo struct */ @@ -379,7 +444,20 @@ struct wbcDomainControllerInfo { char *dc_name; }; - +/* + * DomainControllerInfoEx struct + */ +struct wbcDomainControllerInfoEx { + const char *dc_unc; + const char *dc_address; + uint16_t dc_address_type; + struct wbcGuid *domain_guid; + const char *domain_name; + const char *forest_name; + uint32_t dc_flags; + const char *dc_site_name; + const char *client_site_name; +}; /* * Memory Management @@ -398,6 +476,16 @@ wbcErr wbcSidToString(const struct wbcDomainSid *sid, wbcErr wbcStringToSid(const char *sid_string, struct wbcDomainSid *sid); +/* + * Utility functions for dealing with GUIDs + */ + +wbcErr wbcGuidToString(const struct wbcGuid *guid, + char **guid_string); + +wbcErr wbcStringToGuid(const char *guid_string, + struct wbcGuid *guid); + wbcErr wbcPing(void); wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details); @@ -531,6 +619,12 @@ wbcErr wbcLookupDomainController(const char *domain, uint32_t flags, struct wbcDomainControllerInfo **dc_info); +wbcErr wbcLookupDomainControllerEx(const char *domain, + struct wbcGuid *guid, + const char *site, + uint32_t flags, + struct wbcDomainControllerInfoEx **dc_info); + /* * Athenticate functions */ @@ -542,10 +636,18 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, struct wbcAuthUserInfo **info, struct wbcAuthErrorInfo **error); +wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, + struct wbcLogonUserInfo **info, + struct wbcAuthErrorInfo **error, + struct wbcUserPasswordPolicyInfo **policy); + wbcErr wbcLogoffUser(const char *username, uid_t uid, const char *ccfilename); +wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, + struct wbcAuthErrorInfo **error); + wbcErr wbcChangeUserPassword(const char *username, const char *old_password, const char *new_password); @@ -566,6 +668,14 @@ wbcErr wbcResolveWinsByIP(const char *ip, char **name); */ wbcErr wbcCheckTrustCredentials(const char *domain, struct wbcAuthErrorInfo **error); - +/* + * Helper functions + */ +wbcErr wbcAddNamedBlob(size_t *num_blobs, + struct wbcNamedBlob **blobs, + const char *name, + uint32_t flags, + uint8_t *data, + size_t length); #endif /* _WBCLIENT_H */ diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index c28c5d2697..8d8868d0ef 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -12,6 +12,42 @@ #include "pam_winbind.h" +static int wbc_error_to_pam_error(wbcErr status) +{ + switch (status) { + case WBC_ERR_SUCCESS: + return PAM_SUCCESS; + case WBC_ERR_NOT_IMPLEMENTED: + return PAM_SERVICE_ERR; + case WBC_ERR_UNKNOWN_FAILURE: + break; + case WBC_ERR_NO_MEMORY: + return PAM_BUF_ERR; + case WBC_ERR_INVALID_SID: + case WBC_ERR_INVALID_PARAM: + break; + case WBC_ERR_WINBIND_NOT_AVAILABLE: + return PAM_AUTHINFO_UNAVAIL; + case WBC_ERR_DOMAIN_NOT_FOUND: + return PAM_AUTHINFO_UNAVAIL; + case WBC_ERR_INVALID_RESPONSE: + return PAM_BUF_ERR; + case WBC_ERR_NSS_ERROR: + return PAM_USER_UNKNOWN; + case WBC_ERR_AUTH_ERROR: + return PAM_AUTH_ERR; + case WBC_ERR_UNKNOWN_USER: + return PAM_USER_UNKNOWN; + case WBC_ERR_UNKNOWN_GROUP: + return PAM_USER_UNKNOWN; + case WBC_ERR_PWD_CHANGE_FAILED: + break; + } + + /* be paranoid */ + return PAM_AUTH_ERR; +} + static const char *_pam_error_code_str(int err) { switch (err) { @@ -71,14 +107,22 @@ static const char *_pam_error_code_str(int err) return "PAM_ABORT"; case PAM_AUTHTOK_EXPIRED: return "PAM_AUTHTOK_EXPIRED"; +#ifdef PAM_MODULE_UNKNOWN case PAM_MODULE_UNKNOWN: return "PAM_MODULE_UNKNOWN"; +#endif +#ifdef PAM_BAD_ITEM case PAM_BAD_ITEM: return "PAM_BAD_ITEM"; +#endif +#ifdef PAM_CONV_AGAIN case PAM_CONV_AGAIN: return "PAM_CONV_AGAIN"; +#endif +#ifdef PAM_INCOMPLETE case PAM_INCOMPLETE: return "PAM_INCOMPLETE"; +#endif default: return NULL; } @@ -393,6 +437,10 @@ static int _pam_parse(const pam_handle_t *pamh, ctrl |= WINBIND_WARN_PWD_EXPIRE; } + if (iniparser_getboolean(d, "global:mkhomedir", false)) { + ctrl |= WINBIND_MKHOMEDIR; + } + config_from_pam: /* step through arguments */ for (i=argc,v=argv; i-- > 0; ++v) { @@ -425,6 +473,8 @@ config_from_pam: ctrl |= WINBIND_KRB5_CCACHE_TYPE; else if (!strcasecmp(*v, "cached_login")) ctrl |= WINBIND_CACHED_LOGIN; + else if (!strcasecmp(*v, "mkhomedir")) + ctrl |= WINBIND_MKHOMEDIR; else { __pam_log(pamh, ctrl, LOG_ERR, "pam_parse: unknown option: %s", *v); @@ -444,13 +494,17 @@ config_from_pam: return ctrl; }; -static void _pam_winbind_free_context(struct pwb_context *ctx) +static int _pam_winbind_free_context(struct pwb_context *ctx) { + if (!ctx) { + return 0; + } + if (ctx->dict) { iniparser_freedict(ctx->dict); } - SAFE_FREE(ctx); + return 0; } static int _pam_winbind_init_context(pam_handle_t *pamh, @@ -461,12 +515,12 @@ static int _pam_winbind_init_context(pam_handle_t *pamh, { struct pwb_context *r = NULL; - r = (struct pwb_context *)malloc(sizeof(struct pwb_context)); + r = TALLOC_ZERO_P(NULL, struct pwb_context); if (!r) { return PAM_BUF_ERR; } - ZERO_STRUCTP(r); + talloc_set_destructor(r, _pam_winbind_free_context); r->pamh = pamh; r->flags = flags; @@ -474,7 +528,7 @@ static int _pam_winbind_init_context(pam_handle_t *pamh, r->argv = argv; r->ctrl = _pam_parse(pamh, flags, argc, argv, &r->dict); if (r->ctrl == -1) { - _pam_winbind_free_context(r); + TALLOC_FREE(r); return PAM_SYSTEM_ERR; } @@ -494,7 +548,7 @@ static void _pam_winbind_cleanup_func(pam_handle_t *pamh, "(error_status = %d)", pamh, data, error_status); } - SAFE_FREE(data); + TALLOC_FREE(data); } @@ -636,80 +690,11 @@ static int _make_remark_format(struct pwb_context *ctx, int type, const char *fo return ret; } -static int pam_winbind_request(struct pwb_context *ctx, - enum winbindd_cmd req_type, - struct winbindd_request *request, - struct winbindd_response *response) -{ - /* Fill in request and send down pipe */ - winbindd_init_request(request, req_type); - - if (winbind_write_sock(request, sizeof(*request), 0, 0) == -1) { - _pam_log(ctx, LOG_ERR, - "pam_winbind_request: write to socket failed!"); - winbind_close_sock(); - return PAM_SERVICE_ERR; - } - - /* Wait for reply */ - if (winbindd_read_reply(response) == -1) { - _pam_log(ctx, LOG_ERR, - "pam_winbind_request: read from socket failed!"); - winbind_close_sock(); - return PAM_SERVICE_ERR; - } - - /* We are done with the socket - close it and avoid mischeif */ - winbind_close_sock(); - - /* Copy reply data from socket */ - if (response->result == WINBINDD_OK) { - return PAM_SUCCESS; - } - - /* no need to check for pam_error codes for getpwnam() */ - switch (req_type) { - - case WINBINDD_GETPWNAM: - case WINBINDD_LOOKUPNAME: - if (strlen(response->data.auth.nt_status_string) > 0) { - _pam_log(ctx, LOG_ERR, - "request failed, NT error was %s", - response->data.auth.nt_status_string); - } else { - _pam_log(ctx, LOG_ERR, "request failed"); - } - return PAM_USER_UNKNOWN; - default: - break; - } - - if (response->data.auth.pam_error != PAM_SUCCESS) { - _pam_log(ctx, LOG_ERR, - "request failed: %s, " - "PAM error was %s (%d), NT error was %s", - response->data.auth.error_string, - pam_strerror(ctx->pamh, response->data.auth.pam_error), - response->data.auth.pam_error, - response->data.auth.nt_status_string); - return response->data.auth.pam_error; - } - - _pam_log(ctx, LOG_ERR, "request failed, but PAM error 0!"); - - return PAM_SERVICE_ERR; -} - static int pam_winbind_request_log(struct pwb_context *ctx, - enum winbindd_cmd req_type, - struct winbindd_request *request, - struct winbindd_response *response, - const char *user) + int retval, + const char *user, + const char *fn) { - int retval; - - retval = pam_winbind_request(ctx, req_type, request, response); - switch (retval) { case PAM_AUTH_ERR: /* incorrect password */ @@ -741,33 +726,65 @@ static int pam_winbind_request_log(struct pwb_context *ctx, return retval; case PAM_SUCCESS: /* Otherwise, the authentication looked good */ - switch (req_type) { - case WINBINDD_INFO: - break; - case WINBINDD_PAM_AUTH: - _pam_log(ctx, LOG_NOTICE, - "user '%s' granted access", user); - break; - case WINBINDD_PAM_CHAUTHTOK: - _pam_log(ctx, LOG_NOTICE, - "user '%s' password changed", user); - break; - default: - _pam_log(ctx, LOG_NOTICE, - "user '%s' OK", user); - break; + if (strcmp(fn, "wbcLogonUser") == 0) { + _pam_log(ctx, LOG_NOTICE, + "user '%s' granted access", user); + } else { + _pam_log(ctx, LOG_NOTICE, + "user '%s' OK", user); } - return retval; default: /* we don't know anything about this return value */ _pam_log(ctx, LOG_ERR, - "internal module error (retval = %d, user = '%s')", - retval, user); + "internal module error (retval = %s(%d), user = '%s')", + _pam_error_code_str(retval), retval, user); return retval; } } +static int wbc_auth_error_to_pam_error(struct pwb_context *ctx, + struct wbcAuthErrorInfo *e, + wbcErr status, + const char *username, + const char *fn) +{ + int ret = PAM_AUTH_ERR; + + if (WBC_ERROR_IS_OK(status)) { + _pam_log_debug(ctx, LOG_DEBUG, "request %s succeeded", + fn); + ret = PAM_SUCCESS; + return pam_winbind_request_log(ctx, ret, username, fn); + } + + if (e) { + if (e->pam_error != PAM_SUCCESS) { + _pam_log(ctx, LOG_ERR, + "request %s failed: %s, " + "PAM error: %s (%d), NTSTATUS: %s, " + "Error message was: %s", + fn, + wbcErrorString(status), + _pam_error_code_str(e->pam_error), + e->pam_error, + e->nt_string, + e->display_string); + ret = e->pam_error; + return pam_winbind_request_log(ctx, ret, username, fn); + } + + _pam_log(ctx, LOG_ERR, "request %s failed, but PAM error 0!", fn); + + ret = PAM_SERVICE_ERR; + return pam_winbind_request_log(ctx, ret, username, fn); + } + + ret = wbc_error_to_pam_error(status); + return pam_winbind_request_log(ctx, ret, username, fn); +} + + /** * send a password expiry message if required * @@ -840,29 +857,34 @@ static bool _pam_send_password_expiry_message(struct pwb_context *ctx, */ static void _pam_warn_password_expiry(struct pwb_context *ctx, - const struct winbindd_response *response, + const struct wbcAuthUserInfo *info, + const struct wbcUserPasswordPolicyInfo *policy, int warn_pwd_expire, bool *already_expired) { time_t now = time(NULL); time_t next_change = 0; + if (!info || !policy) { + return; + } + if (already_expired) { *already_expired = false; } - /* accounts with ACB_PWNOEXP set never receive a warning */ - if (response->data.auth.info3.acct_flags & ACB_PWNOEXP) { + /* accounts with WBC_ACB_PWNOEXP set never receive a warning */ + if (info->acct_flags & WBC_ACB_PWNOEXP) { return; } /* no point in sending a warning if this is a grace logon */ - if (PAM_WB_GRACE_LOGON(response->data.auth.info3.user_flgs)) { + if (PAM_WB_GRACE_LOGON(info->user_flags)) { return; } /* check if the info3 must change timestamp has been set */ - next_change = response->data.auth.info3.pass_must_change_time; + next_change = info->pass_must_change_time; if (_pam_send_password_expiry_message(ctx, next_change, now, warn_pwd_expire, @@ -873,12 +895,11 @@ static void _pam_warn_password_expiry(struct pwb_context *ctx, /* now check for the global password policy */ /* good catch from Ralf Haferkamp: an expiry of "never" is translated * to -1 */ - if (response->data.auth.policy.expire <= 0) { + if (policy->expire <= 0) { return; } - next_change = response->data.auth.info3.pass_last_set_time + - response->data.auth.policy.expire; + next_change = info->pass_last_set_time + policy->expire; if (_pam_send_password_expiry_message(ctx, next_change, now, warn_pwd_expire, @@ -936,33 +957,33 @@ static bool winbind_name_to_sid_string(struct pwb_context *ctx, int sid_list_buffer_size) { const char* sid_string; - struct winbindd_response sid_response; /* lookup name? */ if (IS_SID_STRING(name)) { sid_string = name; } else { - struct winbindd_request sid_request; - - ZERO_STRUCT(sid_request); - ZERO_STRUCT(sid_response); + wbcErr wbc_status; + struct wbcDomainSid sid; + enum wbcSidType type; + char *sid_str; _pam_log_debug(ctx, LOG_DEBUG, "no sid given, looking up: %s\n", name); - /* fortunatly winbindd can handle non-separated names */ - strncpy(sid_request.data.name.name, name, - sizeof(sid_request.data.name.name) - 1); - - if (pam_winbind_request_log(ctx, WINBINDD_LOOKUPNAME, - &sid_request, &sid_response, - user)) { + wbc_status = wbcLookupName("", name, &sid, &type); + if (!WBC_ERROR_IS_OK(wbc_status)) { _pam_log(ctx, LOG_INFO, "could not lookup name: %s\n", name); return false; } - sid_string = sid_response.data.sid.sid; + wbc_status = wbcSidToString(&sid, &sid_str); + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } + + wbcFreeMemory(sid_str); + sid_string = sid_str; } if (!safe_append_string(sid_list_buffer, sid_string, @@ -1047,15 +1068,28 @@ out: */ static void _pam_setup_krb5_env(struct pwb_context *ctx, - const char *krb5ccname) + struct wbcLogonUserInfo *info) { char var[PATH_MAX]; int ret; + uint32_t i; + const char *krb5ccname = NULL; if (off(ctx->ctrl, WINBIND_KRB5_AUTH)) { return; } + if (!info) { + return; + } + + for (i=0; i < info->num_blobs; i++) { + if (strcasecmp(info->blobs[i].name, "krb5ccname") == 0) { + krb5ccname = (const char *)info->blobs[i].blob.data; + break; + } + } + if (!krb5ccname || (strlen(krb5ccname) == 0)) { return; } @@ -1076,6 +1110,41 @@ static void _pam_setup_krb5_env(struct pwb_context *ctx, } /** + * Copy unix username if available (further processed in PAM). + * + * @param ctx PAM winbind context + * @param user_ret A pointer that holds a pointer to a string + * @param unix_username A username + * + * @return void. + */ + +static void _pam_setup_unix_username(struct pwb_context *ctx, + char **user_ret, + struct wbcLogonUserInfo *info) +{ + const char *unix_username = NULL; + uint32_t i; + + if (!user_ret || !info) { + return; + } + + for (i=0; i < info->num_blobs; i++) { + if (strcasecmp(info->blobs[i].name, "unix_username") == 0) { + unix_username = (const char *)info->blobs[i].blob.data; + break; + } + } + + if (!unix_username || !unix_username[0]) { + return; + } + + *user_ret = strdup(unix_username); +} + +/** * Set string into the PAM stack. * * @param ctx PAM winbind context. @@ -1096,14 +1165,13 @@ static void _pam_set_data_string(struct pwb_context *ctx, return; } - ret = pam_set_data(ctx->pamh, data_name, (void *)strdup(value), + ret = pam_set_data(ctx->pamh, data_name, talloc_strdup(NULL, value), _pam_winbind_cleanup_func); if (ret) { _pam_log_debug(ctx, LOG_DEBUG, "Could not set data %s: %s\n", data_name, pam_strerror(ctx->pamh, ret)); } - } /** @@ -1117,16 +1185,16 @@ static void _pam_set_data_string(struct pwb_context *ctx, */ static void _pam_set_data_info3(struct pwb_context *ctx, - struct winbindd_response *response) + const struct wbcAuthUserInfo *info) { _pam_set_data_string(ctx, PAM_WINBIND_HOMEDIR, - response->data.auth.info3.home_dir); + info->home_directory); _pam_set_data_string(ctx, PAM_WINBIND_LOGONSCRIPT, - response->data.auth.info3.logon_script); + info->logon_script); _pam_set_data_string(ctx, PAM_WINBIND_LOGONSERVER, - response->data.auth.info3.logon_srv); + info->logon_server); _pam_set_data_string(ctx, PAM_WINBIND_PROFILEPATH, - response->data.auth.info3.profile_path); + info->profile_path); } /** @@ -1208,80 +1276,235 @@ static void _pam_warn_krb5_failure(struct pwb_context *ctx, } } +static bool _pam_check_remark_auth_err(struct pwb_context *ctx, + const struct wbcAuthErrorInfo *e, + const char *nt_status_string, + int *pam_error) +{ + const char *ntstatus = NULL; + const char *error_string = NULL; + + if (!e || !pam_error) { + return false; + } + + ntstatus = e->nt_string; + if (!ntstatus) { + return false; + } + + if (strcasecmp(ntstatus, nt_status_string) == 0) { + + error_string = _get_ntstatus_error_string(nt_status_string); + if (error_string) { + _make_remark(ctx, PAM_ERROR_MSG, error_string); + *pam_error = e->pam_error; + return true; + } + + if (e->display_string) { + _make_remark(ctx, PAM_ERROR_MSG, e->display_string); + *pam_error = e->pam_error; + return true; + } + + _make_remark(ctx, PAM_ERROR_MSG, nt_status_string); + *pam_error = e->pam_error; + + return true; + } + + return false; +}; + /** * Compose Password Restriction String for a PAM_ERROR_MSG conversation. * - * @param response The struct winbindd_response. + * @param i The wbcUserPasswordPolicyInfo struct. * - * @return string (caller needs to free). + * @return string (caller needs to talloc_free). */ -static char *_pam_compose_pwd_restriction_string(struct winbindd_response *response) +static char *_pam_compose_pwd_restriction_string(struct pwb_context *ctx, + struct wbcUserPasswordPolicyInfo *i) { char *str = NULL; - size_t offset = 0, ret = 0, str_size = 1024; - str = (char *)malloc(str_size); - if (!str) { - return NULL; + if (!i) { + goto failed; } - memset(str, '\0', str_size); - - offset = snprintf(str, str_size, "Your password "); - if (offset == -1) { + str = talloc_asprintf(ctx, "Your password "); + if (!str) { goto failed; } - if (response->data.auth.policy.min_length_password > 0) { - ret = snprintf(str+offset, str_size-offset, + if (i->min_length_password > 0) { + str = talloc_asprintf_append(str, "must be at least %d characters; ", - response->data.auth.policy.min_length_password); - if (ret == -1) { + i->min_length_password); + if (!str) { goto failed; } - offset += ret; } - if (response->data.auth.policy.password_history > 0) { - ret = snprintf(str+offset, str_size-offset, + if (i->password_history > 0) { + str = talloc_asprintf_append(str, "cannot repeat any of your previous %d " "passwords; ", - response->data.auth.policy.password_history); - if (ret == -1) { + i->password_history); + if (!str) { goto failed; } - offset += ret; } - if (response->data.auth.policy.password_properties & - DOMAIN_PASSWORD_COMPLEX) { - ret = snprintf(str+offset, str_size-offset, + if (i->password_properties & WBC_DOMAIN_PASSWORD_COMPLEX) { + str = talloc_asprintf_append(str, "must contain capitals, numerals " "or punctuation; " "and cannot contain your account " "or full name; "); - if (ret == -1) { + if (!str) { goto failed; } - offset += ret; } - ret = snprintf(str+offset, str_size-offset, + str = talloc_asprintf_append(str, "Please type a different password. " "Type a password which meets these requirements in " "both text boxes."); - if (ret == -1) { + if (!str) { goto failed; } return str; failed: - SAFE_FREE(str); + TALLOC_FREE(str); return NULL; } +static int _pam_create_homedir(struct pwb_context *ctx, + const char *dirname, + mode_t mode) +{ + struct stat sbuf; + + if (stat(dirname, &sbuf) == 0) { + return PAM_SUCCESS; + } + + if (mkdir(dirname, mode) != 0) { + + _make_remark_format(ctx, PAM_TEXT_INFO, + "Creating directory: %s failed: %s", + dirname, strerror(errno)); + _pam_log(ctx, LOG_ERR, "could not create dir: %s (%s)", + dirname, strerror(errno)); + return PAM_PERM_DENIED; + } + + return PAM_SUCCESS; +} + +static int _pam_chown_homedir(struct pwb_context *ctx, + const char *dirname, + uid_t uid, + gid_t gid) +{ + if (chown(dirname, uid, gid) != 0) { + _pam_log(ctx, LOG_ERR, "failed to chown user homedir: %s (%s)", + dirname, strerror(errno)); + return PAM_PERM_DENIED; + } + + return PAM_SUCCESS; +} + +static int _pam_mkhomedir(struct pwb_context *ctx) +{ + struct passwd *pwd = NULL; + char *token = NULL; + char *create_dir = NULL; + char *user_dir = NULL; + int ret; + const char *username; + mode_t mode = 0700; + char *safe_ptr = NULL; + char *p = NULL; + + /* Get the username */ + ret = pam_get_user(ctx->pamh, &username, NULL); + if ((ret != PAM_SUCCESS) || (!username)) { + _pam_log_debug(ctx, LOG_DEBUG, "can not get the username"); + return PAM_SERVICE_ERR; + } + + pwd = getpwnam(username); + if (pwd == NULL) { + _pam_log_debug(ctx, LOG_DEBUG, "can not get the username"); + return PAM_USER_UNKNOWN; + } + _pam_log_debug(ctx, LOG_DEBUG, "homedir is: %s", pwd->pw_dir); + + ret = _pam_create_homedir(ctx, pwd->pw_dir, 0700); + if (ret == PAM_SUCCESS) { + ret = _pam_chown_homedir(ctx, pwd->pw_dir, + pwd->pw_uid, + pwd->pw_gid); + } + + if (ret == PAM_SUCCESS) { + return ret; + } + + /* maybe we need to create parent dirs */ + create_dir = talloc_strdup(ctx, "/"); + if (!create_dir) { + return PAM_BUF_ERR; + } + + /* find final directory */ + user_dir = strrchr(pwd->pw_dir, '/'); + if (!user_dir) { + return PAM_BUF_ERR; + } + user_dir++; + + _pam_log(ctx, LOG_DEBUG, "final directory: %s", user_dir); + + p = pwd->pw_dir; + + while ((token = strtok_r(p, "/", &safe_ptr)) != NULL) { + + mode = 0755; + + p = NULL; + + _pam_log_debug(ctx, LOG_DEBUG, "token is %s", token); + + create_dir = talloc_asprintf_append(create_dir, "%s/", token); + if (!create_dir) { + return PAM_BUF_ERR; + } + _pam_log_debug(ctx, LOG_DEBUG, "current_dir is %s", create_dir); + + if (strcmp(token, user_dir) == 0) { + _pam_log_debug(ctx, LOG_DEBUG, "assuming last directory: %s", token); + mode = 0700; + } + + ret = _pam_create_homedir(ctx, create_dir, mode); + if (ret) { + return ret; + } + } + + return _pam_chown_homedir(ctx, create_dir, + pwd->pw_uid, + pwd->pw_gid); +} + /* talk to winbindd */ static int winbind_auth_request(struct pwb_context *ctx, const char *user, @@ -1289,37 +1512,52 @@ static int winbind_auth_request(struct pwb_context *ctx, const char *member, const char *cctype, const int warn_pwd_expire, - struct winbindd_response *p_response, + struct wbcAuthErrorInfo **p_error, + struct wbcLogonUserInfo **p_info, + struct wbcUserPasswordPolicyInfo **p_policy, time_t *pwd_last_set, char **user_ret) { - struct winbindd_request request; - struct winbindd_response response; - int ret; - bool already_expired = false; + wbcErr wbc_status; + + struct wbcLogonUserParams logon; + char membership_of[1024]; + uid_t user_uid = -1; + uint32_t flags = WBFLAG_PAM_INFO3_TEXT | + WBFLAG_PAM_GET_PWD_POLICY; + + struct wbcLogonUserInfo *info = NULL; + struct wbcAuthUserInfo *user_info = NULL; + struct wbcAuthErrorInfo *error = NULL; + struct wbcUserPasswordPolicyInfo *policy = NULL; - ZERO_STRUCT(request); - ZERO_STRUCT(response); + int ret = PAM_AUTH_ERR; + int i; + const char *codes[] = { + "NT_STATUS_PASSWORD_EXPIRED", + "NT_STATUS_PASSWORD_MUST_CHANGE", + "NT_STATUS_INVALID_WORKSTATION", + "NT_STATUS_INVALID_LOGON_HOURS", + "NT_STATUS_ACCOUNT_EXPIRED", + "NT_STATUS_ACCOUNT_DISABLED", + "NT_STATUS_ACCOUNT_LOCKED_OUT", + "NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT", + "NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT", + "NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT", + "NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND", + "NT_STATUS_NO_LOGON_SERVERS", + "NT_STATUS_WRONG_PASSWORD", + "NT_STATUS_ACCESS_DENIED" + }; if (pwd_last_set) { *pwd_last_set = 0; } - strncpy(request.data.auth.user, user, - sizeof(request.data.auth.user)-1); - - strncpy(request.data.auth.pass, pass, - sizeof(request.data.auth.pass)-1); - - request.data.auth.krb5_cc_type[0] = '\0'; - request.data.auth.uid = -1; - - request.flags = WBFLAG_PAM_INFO3_TEXT | WBFLAG_PAM_GET_PWD_POLICY; - /* Krb5 auth always has to go against the KDC of the user's realm */ if (ctx->ctrl & WINBIND_KRB5_AUTH) { - request.flags |= WBFLAG_PAM_CONTACT_TRUSTDOM; + flags |= WBFLAG_PAM_CONTACT_TRUSTDOM; } if (ctx->ctrl & (WINBIND_KRB5_AUTH|WINBIND_CACHED_LOGIN)) { @@ -1329,7 +1567,7 @@ static int winbind_auth_request(struct pwb_context *ctx, if (pwd == NULL) { return PAM_USER_UNKNOWN; } - request.data.auth.uid = pwd->pw_uid; + user_uid = pwd->pw_uid; } if (ctx->ctrl & WINBIND_KRB5_AUTH) { @@ -1337,38 +1575,34 @@ static int winbind_auth_request(struct pwb_context *ctx, _pam_log_debug(ctx, LOG_DEBUG, "enabling krb5 login flag\n"); - request.flags |= WBFLAG_PAM_KRB5 | - WBFLAG_PAM_FALLBACK_AFTER_KRB5; + flags |= WBFLAG_PAM_KRB5 | + WBFLAG_PAM_FALLBACK_AFTER_KRB5; } if (ctx->ctrl & WINBIND_CACHED_LOGIN) { _pam_log_debug(ctx, LOG_DEBUG, "enabling cached login flag\n"); - request.flags |= WBFLAG_PAM_CACHED_LOGIN; + flags |= WBFLAG_PAM_CACHED_LOGIN; } if (user_ret) { *user_ret = NULL; - request.flags |= WBFLAG_PAM_UNIX_NAME; + flags |= WBFLAG_PAM_UNIX_NAME; } if (cctype != NULL) { - strncpy(request.data.auth.krb5_cc_type, cctype, - sizeof(request.data.auth.krb5_cc_type) - 1); _pam_log_debug(ctx, LOG_DEBUG, "enabling request for a %s krb5 ccache\n", cctype); } - request.data.auth.require_membership_of_sid[0] = '\0'; - if (member != NULL) { - if (!winbind_name_list_to_sid_string_list(ctx, user, - member, - request.data.auth.require_membership_of_sid, - sizeof(request.data.auth.require_membership_of_sid))) { + ZERO_STRUCT(membership_of); + if (!winbind_name_list_to_sid_string_list(ctx, user, member, + membership_of, + sizeof(membership_of))) { _pam_log_debug(ctx, LOG_ERR, "failed to serialize membership of sid " "\"%s\"\n", member); @@ -1376,60 +1610,100 @@ static int winbind_auth_request(struct pwb_context *ctx, } } - ret = pam_winbind_request_log(ctx, WINBINDD_PAM_AUTH, - &request, &response, user); + ZERO_STRUCT(logon); - if (pwd_last_set) { - *pwd_last_set = response.data.auth.info3.pass_last_set_time; + logon.username = user; + logon.password = pass; + + wbc_status = wbcAddNamedBlob(&logon.num_blobs, + &logon.blobs, + "krb5_cc_type", + 0, + (uint8_t *)cctype, + strlen(cctype)+1); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } + + wbc_status = wbcAddNamedBlob(&logon.num_blobs, + &logon.blobs, + "flags", + 0, + (uint8_t *)&flags, + sizeof(flags)); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; } - if (p_response) { - /* We want to process the response in the caller. */ - *p_response = response; + wbc_status = wbcAddNamedBlob(&logon.num_blobs, + &logon.blobs, + "user_uid", + 0, + (uint8_t *)&user_uid, + sizeof(user_uid)); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } + + wbc_status = wbcAddNamedBlob(&logon.num_blobs, + &logon.blobs, + "membership_of", + 0, + (uint8_t *)membership_of, + sizeof(membership_of)); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } + + wbc_status = wbcLogonUser(&logon, &info, &error, &policy); + ret = wbc_auth_error_to_pam_error(ctx, error, wbc_status, + user, "wbcLogonUser"); + wbcFreeMemory(logon.blobs); + logon.blobs = NULL; + + if (info && info->info) { + user_info = info->info; + } + + if (pwd_last_set && user_info) { + *pwd_last_set = user_info->pass_last_set_time; + } + + if (p_info && info) { + *p_info = info; + } + + if (p_policy && policy) { + *p_policy = policy; + } + + if (p_error && error) { + /* We want to process the error in the caller. */ + *p_error = error; return ret; } - if (ret) { - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_PASSWORD_EXPIRED"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_PASSWORD_MUST_CHANGE"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_INVALID_WORKSTATION"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_INVALID_LOGON_HOURS"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_ACCOUNT_EXPIRED"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_ACCOUNT_DISABLED"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_ACCOUNT_LOCKED_OUT"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_NO_LOGON_SERVERS"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_WRONG_PASSWORD"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_ACCESS_DENIED"); + for (i=0; i<ARRAY_SIZE(codes); i++) { + int _ret = ret; + if (_pam_check_remark_auth_err(ctx, error, codes[i], &_ret)) { + ret = _ret; + goto done; + } } - if (ret == PAM_SUCCESS) { + if ((ret == PAM_SUCCESS) && user_info && policy && info) { + + bool already_expired = false; /* warn a user if the password is about to expire soon */ - _pam_warn_password_expiry(ctx, &response, + _pam_warn_password_expiry(ctx, user_info, policy, warn_pwd_expire, &already_expired); if (already_expired == true) { - SMB_TIME_T last_set; - last_set = response.data.auth.info3.pass_last_set_time; + + SMB_TIME_T last_set = user_info->pass_last_set_time; + _pam_log_debug(ctx, LOG_DEBUG, "Password has expired " "(Password was last set: %lld, " @@ -1437,33 +1711,44 @@ static int winbind_auth_request(struct pwb_context *ctx, "%lld (now it's: %lu))\n", (long long int)last_set, (long long int)last_set + - response.data.auth.policy.expire, + policy->expire, time(NULL)); return PAM_AUTHTOK_EXPIRED; } /* inform about logon type */ - _pam_warn_logon_type(ctx, user, - response.data.auth.info3.user_flgs); + _pam_warn_logon_type(ctx, user, user_info->user_flags); /* inform about krb5 failures */ - _pam_warn_krb5_failure(ctx, user, - response.data.auth.info3.user_flgs); + _pam_warn_krb5_failure(ctx, user, user_info->user_flags); /* set some info3 info for other modules in the stack */ - _pam_set_data_info3(ctx, &response); + _pam_set_data_info3(ctx, user_info); /* put krb5ccname into env */ - _pam_setup_krb5_env(ctx, response.data.auth.krb5ccname); + _pam_setup_krb5_env(ctx, info); /* If winbindd returned a username, return the pointer to it * here. */ - if (user_ret && response.data.auth.unix_username[0]) { - /* We have to trust it's a null terminated string. */ - *user_ret = strndup(response.data.auth.unix_username, - sizeof(response.data.auth.unix_username) - 1); - } + _pam_setup_unix_username(ctx, user_ret, info); + } + + done: + if (logon.blobs) { + wbcFreeMemory(logon.blobs); + } + if (info && info->blobs) { + wbcFreeMemory(info->blobs); + } + if (error && !p_error) { + wbcFreeMemory(error); + } + if (info && !p_info) { + wbcFreeMemory(info); + } + if (policy && !p_policy) { + wbcFreeMemory(policy); } return ret; @@ -1476,99 +1761,95 @@ static int winbind_chauthtok_request(struct pwb_context *ctx, const char *newpass, time_t pwd_last_set) { - struct winbindd_request request; - struct winbindd_response response; - int ret; + wbcErr wbc_status; + struct wbcChangePasswordParams params; + struct wbcAuthErrorInfo *error = NULL; + struct wbcUserPasswordPolicyInfo *policy = NULL; + enum wbcPasswordChangeRejectReason reject_reason = -1; + uint32_t flags = 0; - ZERO_STRUCT(request); - ZERO_STRUCT(response); + int i; + const char *codes[] = { + "NT_STATUS_BACKUP_CONTROLLER", + "NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND", + "NT_STATUS_NO_LOGON_SERVERS", + "NT_STATUS_ACCESS_DENIED", + "NT_STATUS_PWD_TOO_SHORT", /* TODO: tell the min pwd length ? */ + "NT_STATUS_PWD_TOO_RECENT", /* TODO: tell the minage ? */ + "NT_STATUS_PWD_HISTORY_CONFLICT" /* TODO: tell the history length ? */ + }; + int ret = PAM_AUTH_ERR; + + ZERO_STRUCT(params); - if (request.data.chauthtok.user == NULL) { - return -2; + if (ctx->ctrl & WINBIND_KRB5_AUTH) { + flags |= WBFLAG_PAM_KRB5 | + WBFLAG_PAM_CONTACT_TRUSTDOM; } - strncpy(request.data.chauthtok.user, user, - sizeof(request.data.chauthtok.user) - 1); - - if (oldpass != NULL) { - strncpy(request.data.chauthtok.oldpass, oldpass, - sizeof(request.data.chauthtok.oldpass) - 1); - } else { - request.data.chauthtok.oldpass[0] = '\0'; + if (ctx->ctrl & WINBIND_CACHED_LOGIN) { + flags |= WBFLAG_PAM_CACHED_LOGIN; } - if (newpass != NULL) { - strncpy(request.data.chauthtok.newpass, newpass, - sizeof(request.data.chauthtok.newpass) - 1); - } else { - request.data.chauthtok.newpass[0] = '\0'; - } + params.account_name = user; + params.level = WBC_AUTH_USER_LEVEL_PLAIN; + params.old_password.plaintext = oldpass; + params.new_password.plaintext = newpass; + params.flags = flags; - if (ctx->ctrl & WINBIND_KRB5_AUTH) { - request.flags = WBFLAG_PAM_KRB5 | - WBFLAG_PAM_CONTACT_TRUSTDOM; - } + wbc_status = wbcChangeUserPasswordEx(¶ms, &error, &reject_reason, &policy); + ret = wbc_auth_error_to_pam_error(ctx, error, wbc_status, + user, "wbcChangeUserPasswordEx"); - if (ctx->ctrl & WINBIND_CACHED_LOGIN) { - request.flags |= WBFLAG_PAM_CACHED_LOGIN; + if (WBC_ERROR_IS_OK(wbc_status)) { + _pam_log(ctx, LOG_NOTICE, + "user '%s' password changed", user); + return PAM_SUCCESS; } - ret = pam_winbind_request_log(ctx, WINBINDD_PAM_CHAUTHTOK, - &request, &response, user); - - if (ret == PAM_SUCCESS) { + if (!error) { + wbcFreeMemory(policy); return ret; } - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_BACKUP_CONTROLLER"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_NO_LOGON_SERVERS"); - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_ACCESS_DENIED"); - - /* TODO: tell the min pwd length ? */ - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_PWD_TOO_SHORT"); - - /* TODO: tell the minage ? */ - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_PWD_TOO_RECENT"); - - /* TODO: tell the history length ? */ - PAM_WB_REMARK_CHECK_RESPONSE_RET(ctx, response, - "NT_STATUS_PWD_HISTORY_CONFLICT"); + for (i=0; i<ARRAY_SIZE(codes); i++) { + int _ret = ret; + if (_pam_check_remark_auth_err(ctx, error, codes[i], &_ret)) { + ret = _ret; + goto done; + } + } - if (!strcasecmp(response.data.auth.nt_status_string, + if (!strcasecmp(error->nt_string, "NT_STATUS_PASSWORD_RESTRICTION")) { char *pwd_restriction_string = NULL; - SMB_TIME_T min_pwd_age; - uint32_t reject_reason = response.data.auth.reject_reason; - min_pwd_age = response.data.auth.policy.min_passwordage; + SMB_TIME_T min_pwd_age = 0; + + if (policy) { + min_pwd_age = policy->min_passwordage; + } /* FIXME: avoid to send multiple PAM messages after another */ switch (reject_reason) { case -1: break; - case SAMR_REJECT_OTHER: + case WBC_PWD_CHANGE_REJECT_OTHER: if ((min_pwd_age > 0) && (pwd_last_set + min_pwd_age > time(NULL))) { PAM_WB_REMARK_DIRECT(ctx, "NT_STATUS_PWD_TOO_RECENT"); } break; - case SAMR_REJECT_TOO_SHORT: + case WBC_PWD_CHANGE_REJECT_TOO_SHORT: PAM_WB_REMARK_DIRECT(ctx, "NT_STATUS_PWD_TOO_SHORT"); break; - case SAMR_REJECT_IN_HISTORY: + case WBC_PWD_CHANGE_REJECT_IN_HISTORY: PAM_WB_REMARK_DIRECT(ctx, "NT_STATUS_PWD_HISTORY_CONFLICT"); break; - case SAMR_REJECT_COMPLEXITY: + case WBC_PWD_CHANGE_REJECT_COMPLEXITY: _make_remark(ctx, PAM_ERROR_MSG, "Password does not meet " "complexity requirements"); @@ -1582,13 +1863,16 @@ static int winbind_chauthtok_request(struct pwb_context *ctx, } pwd_restriction_string = - _pam_compose_pwd_restriction_string(&response); + _pam_compose_pwd_restriction_string(ctx, policy); if (pwd_restriction_string) { _make_remark(ctx, PAM_ERROR_MSG, pwd_restriction_string); - SAFE_FREE(pwd_restriction_string); + TALLOC_FREE(pwd_restriction_string); } } + done: + wbcFreeMemory(error); + wbcFreeMemory(policy); return ret; } @@ -1608,29 +1892,26 @@ static int valid_user(struct pwb_context *ctx, * sure it's really a winbind user, this is important when stacking PAM * modules in the 'account' or 'password' facility. */ + wbcErr wbc_status; struct passwd *pwd = NULL; - struct winbindd_request request; - struct winbindd_response response; - int ret; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); + struct passwd *wb_pwd = NULL; pwd = getpwnam(user); if (pwd == NULL) { return 1; } - strncpy(request.data.username, user, - sizeof(request.data.username) - 1); - - ret = pam_winbind_request_log(ctx, WINBINDD_GETPWNAM, - &request, &response, user); + wbc_status = wbcGetpwnam(user, &wb_pwd); + wbcFreeMemory(wb_pwd); + if (!WBC_ERROR_IS_OK(wbc_status)) { + _pam_log(ctx, LOG_DEBUG, "valid_user: wbcGetpwnam gave %s\n", + wbcErrorString(wbc_status)); + } - switch (ret) { - case PAM_USER_UNKNOWN: + switch (wbc_status) { + case WBC_ERR_UNKNOWN_USER: return 1; - case PAM_SUCCESS: + case WBC_ERR_SUCCESS: return 0; default: break; @@ -1838,12 +2119,13 @@ static const char *get_conf_item_string(struct pwb_context *ctx, if (ctx->dict) { char *key = NULL; - if (!asprintf(&key, "global:%s", item)) { + key = talloc_asprintf(ctx, "global:%s", item); + if (!key) { goto out; } parm_opt = iniparser_getstr(ctx->dict, key); - SAFE_FREE(key); + TALLOC_FREE(key); _pam_log_debug(ctx, LOG_INFO, "CONFIG file: %s '%s'\n", item, parm_opt); @@ -1885,12 +2167,13 @@ static int get_config_item_int(struct pwb_context *ctx, if (ctx->dict) { char *key = NULL; - if (!asprintf(&key, "global:%s", item)) { + key = talloc_asprintf(ctx, "global:%s", item); + if (!key) { goto out; } parm_opt = iniparser_getint(ctx->dict, key, -1); - SAFE_FREE(key); + TALLOC_FREE(key); _pam_log_debug(ctx, LOG_INFO, "CONFIG file: %s '%d'\n", @@ -1940,20 +2223,25 @@ static int get_warn_pwd_expire_from_config(struct pwb_context *ctx) static char winbind_get_separator(struct pwb_context *ctx) { - struct winbindd_request request; - struct winbindd_response response; + wbcErr wbc_status; + static struct wbcInterfaceDetails *details = NULL; - ZERO_STRUCT(request); - ZERO_STRUCT(response); + wbc_status = wbcInterfaceDetails(&details); + if (!WBC_ERROR_IS_OK(wbc_status)) { + _pam_log(ctx, LOG_ERR, + "Could not retrieve winbind interface details: %s", + wbcErrorString(wbc_status)); + return '\0'; + } - if (pam_winbind_request_log(ctx, WINBINDD_INFO, - &request, &response, NULL)) { + if (!details) { return '\0'; } - return response.data.info.winbind_separator; + return details->winbind_separator; } + /** * Convert a upn to a name. * @@ -1966,12 +2254,12 @@ static char winbind_get_separator(struct pwb_context *ctx) static char* winbind_upn_to_username(struct pwb_context *ctx, const char *upn) { - struct winbindd_request req; - struct winbindd_response resp; - int retval; - char *account_name; - int account_name_len; char sep; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcDomainSid sid; + enum wbcSidType type; + char *domain; + char *name; /* This cannot work when the winbind separator = @ */ @@ -1982,35 +2270,19 @@ static char* winbind_upn_to_username(struct pwb_context *ctx, /* Convert the UPN to a SID */ - ZERO_STRUCT(req); - ZERO_STRUCT(resp); - - strncpy(req.data.name.dom_name, "", - sizeof(req.data.name.dom_name) - 1); - strncpy(req.data.name.name, upn, - sizeof(req.data.name.name) - 1); - retval = pam_winbind_request_log(ctx, WINBINDD_LOOKUPNAME, - &req, &resp, upn); - if (retval != PAM_SUCCESS) { + wbc_status = wbcLookupName("", upn, &sid, &type); + if (!WBC_ERROR_IS_OK(wbc_status)) { return NULL; } /* Convert the the SID back to the sAMAccountName */ - ZERO_STRUCT(req); - strncpy(req.data.sid, resp.data.sid.sid, sizeof(req.data.sid)-1); - ZERO_STRUCT(resp); - retval = pam_winbind_request_log(ctx, WINBINDD_LOOKUPSID, - &req, &resp, upn); - if (retval != PAM_SUCCESS) { + wbc_status = wbcLookupSid(&sid, &domain, &name, &type); + if (!WBC_ERROR_IS_OK(wbc_status)) { return NULL; } - account_name_len = asprintf(&account_name, "%s\\%s", - resp.data.name.dom_name, - resp.data.name.name); - - return account_name; + return talloc_asprintf(ctx, "%s\\%s", domain, name); } PAM_EXTERN @@ -2079,7 +2351,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, real_username); if (samaccountname) { free(real_username); - real_username = samaccountname; + real_username = strdup(samaccountname); } } @@ -2111,7 +2383,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, /* Now use the username to look up password */ retval = winbind_auth_request(ctx, real_username, password, - member, cctype, warn_pwd_expire, NULL, + member, cctype, warn_pwd_expire, + NULL, NULL, NULL, NULL, &username_ret); if (retval == PAM_NEW_AUTHTOK_REQD || @@ -2119,7 +2392,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, char *new_authtok_required_during_auth = NULL; - if (!asprintf(&new_authtok_required, "%d", retval)) { + new_authtok_required = talloc_asprintf(NULL, "%d", retval); + if (!new_authtok_required) { retval = PAM_BUF_ERR; goto out; } @@ -2130,7 +2404,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, retval = PAM_SUCCESS; - if (!asprintf(&new_authtok_required_during_auth, "%d", true)) { + new_authtok_required_during_auth = talloc_asprintf(NULL, "%d", true); + if (!new_authtok_required_during_auth) { retval = PAM_BUF_ERR; goto out; } @@ -2164,7 +2439,7 @@ out: _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval); - _pam_winbind_free_context(ctx); + TALLOC_FREE(ctx); return retval; } @@ -2212,7 +2487,7 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, _PAM_LOG_FUNCTION_LEAVE("pam_sm_setcred", ctx, ret); - _pam_winbind_free_context(ctx); + TALLOC_FREE(ctx); return ret; } @@ -2313,7 +2588,7 @@ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, _PAM_LOG_FUNCTION_LEAVE("pam_sm_acct_mgmt", ctx, ret); - _pam_winbind_free_context(ctx); + TALLOC_FREE(ctx); return ret; } @@ -2322,7 +2597,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { - int ret = PAM_SYSTEM_ERR; + int ret = PAM_SUCCESS; struct pwb_context *ctx = NULL; ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); @@ -2332,12 +2607,14 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, _PAM_LOG_FUNCTION_ENTER("pam_sm_open_session", ctx); - ret = PAM_SUCCESS; - + if (ctx->ctrl & WINBIND_MKHOMEDIR) { + /* check and create homedir */ + ret = _pam_mkhomedir(ctx); + } out: _PAM_LOG_FUNCTION_LEAVE("pam_sm_open_session", ctx, ret); - _pam_winbind_free_context(ctx); + TALLOC_FREE(ctx); return ret; } @@ -2348,6 +2625,7 @@ int pam_sm_close_session(pam_handle_t *pamh, int flags, { int retval = PAM_SUCCESS; struct pwb_context *ctx = NULL; + struct wbcLogoffUserParams logoff; retval = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); if (retval) { @@ -2364,15 +2642,15 @@ int pam_sm_close_session(pam_handle_t *pamh, int flags, if (ctx->ctrl & WINBIND_KRB5_AUTH) { /* destroy the ccache here */ - struct winbindd_request request; - struct winbindd_response response; + + wbcErr wbc_status; + struct wbcAuthErrorInfo *error = NULL; + + uint32_t flags = 0; const char *user; const char *ccname = NULL; struct passwd *pwd = NULL; - ZERO_STRUCT(request); - ZERO_STRUCT(response); - retval = pam_get_user(pamh, &user, "Username: "); if (retval) { _pam_log(ctx, LOG_ERR, @@ -2396,34 +2674,70 @@ int pam_sm_close_session(pam_handle_t *pamh, int flags, "user has no KRB5CCNAME environment"); } - strncpy(request.data.logoff.user, user, - sizeof(request.data.logoff.user) - 1); - - if (ccname) { - strncpy(request.data.logoff.krb5ccname, ccname, - sizeof(request.data.logoff.krb5ccname) - 1); - } - pwd = getpwnam(user); if (pwd == NULL) { retval = PAM_USER_UNKNOWN; goto out; } - request.data.logoff.uid = pwd->pw_uid; - request.flags = WBFLAG_PAM_KRB5 | - WBFLAG_PAM_CONTACT_TRUSTDOM; + flags = WBFLAG_PAM_KRB5 | + WBFLAG_PAM_CONTACT_TRUSTDOM; + + ZERO_STRUCT(logoff); + + logoff.username = user; - retval = pam_winbind_request_log(ctx, - WINBINDD_PAM_LOGOFF, - &request, &response, user); + wbc_status = wbcAddNamedBlob(&logoff.num_blobs, + &logoff.blobs, + "ccfilename", + 0, + (uint8_t *)ccname, + strlen(ccname)+1); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto out; + } + + wbc_status = wbcAddNamedBlob(&logoff.num_blobs, + &logoff.blobs, + "flags", + 0, + (uint8_t *)&flags, + sizeof(flags)); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto out; + } + + wbc_status = wbcAddNamedBlob(&logoff.num_blobs, + &logoff.blobs, + "user_uid", + 0, + (uint8_t *)&pwd->pw_uid, + sizeof(pwd->pw_uid)); + if (!WBC_ERROR_IS_OK(wbc_status)) { + goto out; + } + + wbc_status = wbcLogoffUserEx(&logoff, &error); + retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status, + user, "wbcLogoffUser"); + wbcFreeMemory(error); + wbcFreeMemory(logoff.blobs); + + if (!WBC_ERROR_IS_OK(wbc_status)) { + _pam_log(ctx, LOG_INFO, + "failed to logoff user %s: %s\n", + user, wbcErrorString(wbc_status)); + } } out: + if (logoff.blobs) { + wbcFreeMemory(logoff.blobs); + } _PAM_LOG_FUNCTION_LEAVE("pam_sm_close_session", ctx, retval); - _pam_winbind_free_context(ctx); + TALLOC_FREE(ctx); return retval; } @@ -2495,11 +2809,9 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, int retry = 0; char *username_ret = NULL; - struct winbindd_response response; + struct wbcAuthErrorInfo *error = NULL; struct pwb_context *ctx = NULL; - ZERO_STRUCT(response); - ret = _pam_winbind_init_context(pamh, flags, argc, argv, &ctx); if (ret) { goto out; @@ -2552,16 +2864,15 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, time_t pwdlastset_prelim = 0; /* instruct user what is happening */ -#define greeting "Changing password for " - Announce = (char *) malloc(sizeof(greeting) + strlen(user)); - if (Announce == NULL) { + +#define greeting "Changing password for" + Announce = talloc_asprintf(ctx, "%s %s", greeting, user); + if (!Announce) { _pam_log(ctx, LOG_CRIT, "password - out of memory"); ret = PAM_BUF_ERR; goto out; } - (void) strcpy(Announce, greeting); - (void) strcpy(Announce + sizeof(greeting) - 1, user); #undef greeting lctrl = ctx->ctrl | WINBIND__OLD_PASSWORD; @@ -2570,6 +2881,7 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, "(current) NT password: ", NULL, (const char **) &pass_old); + TALLOC_FREE(Announce); if (ret != PAM_SUCCESS) { _pam_log(ctx, LOG_NOTICE, "password - (old) token not obtained"); @@ -2579,7 +2891,8 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, /* verify that this is the password for this user */ ret = winbind_auth_request(ctx, user, pass_old, - NULL, NULL, 0, &response, + NULL, NULL, 0, + &error, NULL, NULL, &pwdlastset_prelim, NULL); if (ret != PAM_ACCT_EXPIRED && @@ -2688,6 +3001,8 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, const char *member = NULL; const char *cctype = NULL; int warn_pwd_expire; + struct wbcLogonUserInfo *info = NULL; + struct wbcUserPasswordPolicyInfo *policy = NULL; member = get_member_from_config(ctx); cctype = get_krb5_cc_type_from_config(ctx); @@ -2702,7 +3017,8 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, * */ ret = winbind_auth_request(ctx, user, pass_new, - member, cctype, 0, &response, + member, cctype, 0, + &error, &info, &policy, NULL, &username_ret); _pam_overwrite(pass_new); _pam_overwrite(pass_old); @@ -2710,19 +3026,24 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, if (ret == PAM_SUCCESS) { + struct wbcAuthUserInfo *user_info = NULL; + + if (info && info->info) { + user_info = info->info; + } + /* warn a user if the password is about to * expire soon */ - _pam_warn_password_expiry(ctx, &response, + _pam_warn_password_expiry(ctx, user_info, policy, warn_pwd_expire, NULL); /* set some info3 info for other modules in the * stack */ - _pam_set_data_info3(ctx, &response); + _pam_set_data_info3(ctx, user_info); /* put krb5ccname into env */ - _pam_setup_krb5_env(ctx, - response.data.auth.krb5ccname); + _pam_setup_krb5_env(ctx, info); if (username_ret) { pam_set_item(pamh, PAM_USER, @@ -2732,6 +3053,9 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, username_ret); free(username_ret); } + + wbcFreeMemory(info); + wbcFreeMemory(policy); } goto out; @@ -2741,18 +3065,28 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, } out: + { + /* Deal with offline errors. */ + int i; + const char *codes[] = { + "NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND", + "NT_STATUS_NO_LOGON_SERVERS", + "NT_STATUS_ACCESS_DENIED" + }; + + for (i=0; i<ARRAY_SIZE(codes); i++) { + int _ret; + if (_pam_check_remark_auth_err(ctx, error, codes[i], &_ret)) { + break; + } + } + } - /* Deal with offline errors. */ - PAM_WB_REMARK_CHECK_RESPONSE(ctx, response, - "NT_STATUS_NO_LOGON_SERVERS"); - PAM_WB_REMARK_CHECK_RESPONSE(ctx, response, - "NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND"); - PAM_WB_REMARK_CHECK_RESPONSE(ctx, response, - "NT_STATUS_ACCESS_DENIED"); + wbcFreeMemory(error); _PAM_LOG_FUNCTION_LEAVE("pam_sm_chauthtok", ctx, ret); - _pam_winbind_free_context(ctx); + TALLOC_FREE(ctx); return ret; } diff --git a/source3/nsswitch/pam_winbind.h b/source3/nsswitch/pam_winbind.h index 6dba127cdc..cb6f450ccb 100644 --- a/source3/nsswitch/pam_winbind.h +++ b/source3/nsswitch/pam_winbind.h @@ -7,6 +7,8 @@ #include "../lib/replace/replace.h" #include "system/syslog.h" #include "system/time.h" +#include <talloc.h> +#include "libwbclient/wbclient.h" #define MODULE_NAME "pam_winbind" #define PAM_SM_AUTH @@ -97,6 +99,7 @@ do { \ #define WINBIND_SILENT 0x00000800 #define WINBIND_DEBUG_STATE 0x00001000 #define WINBIND_WARN_PWD_EXPIRE 0x00002000 +#define WINBIND_MKHOMEDIR 0x00004000 /* * here is the string to inform the user that the new passwords they @@ -133,73 +136,11 @@ do { \ };\ }; -#define PAM_WB_REMARK_DIRECT_RET(h,f,x)\ -{\ - const char *error_string = NULL; \ - error_string = _get_ntstatus_error_string(x);\ - if (error_string != NULL) {\ - _make_remark(h, f, PAM_ERROR_MSG, error_string);\ - return ret;\ - };\ - _make_remark(h, f, PAM_ERROR_MSG, x);\ - return ret;\ -}; - -#define PAM_WB_REMARK_CHECK_RESPONSE(c,x,y)\ -{\ - const char *ntstatus = x.data.auth.nt_status_string; \ - const char *error_string = NULL; \ - if (!strcasecmp(ntstatus,y)) {\ - error_string = _get_ntstatus_error_string(y);\ - if (error_string != NULL) {\ - _make_remark(c, PAM_ERROR_MSG, error_string);\ - };\ - if (x.data.auth.error_string[0] != '\0') {\ - _make_remark(c, PAM_ERROR_MSG, x.data.auth.error_string);\ - };\ - _make_remark(c, PAM_ERROR_MSG, y);\ - };\ -}; - -#define PAM_WB_REMARK_CHECK_RESPONSE_RET(c,x,y)\ -{\ - const char *ntstatus = x.data.auth.nt_status_string; \ - const char *error_string = NULL; \ - if (!strcasecmp(ntstatus,y)) {\ - error_string = _get_ntstatus_error_string(y);\ - if (error_string != NULL) {\ - _make_remark(c, PAM_ERROR_MSG, error_string);\ - return ret;\ - };\ - if (x.data.auth.error_string[0] != '\0') {\ - _make_remark(c, PAM_ERROR_MSG, x.data.auth.error_string);\ - return ret;\ - };\ - _make_remark(c, PAM_ERROR_MSG, y);\ - return ret;\ - };\ -}; - -/* from samr.idl */ -#define DOMAIN_PASSWORD_COMPLEX 0x00000001 - -#define SAMR_REJECT_OTHER 0x00000000 -#define SAMR_REJECT_TOO_SHORT 0x00000001 -#define SAMR_REJECT_IN_HISTORY 0x00000002 -#define SAMR_REJECT_COMPLEXITY 0x00000005 - -#define ACB_PWNOEXP 0x00000200 - -/* from netlogon.idl */ -#define NETLOGON_CACHED_ACCOUNT 0x00000004 -#define NETLOGON_GRACE_LOGON 0x01000000 - -/* from include/rpc_netlogon.h */ #define LOGON_KRB5_FAIL_CLOCK_SKEW 0x02000000 -#define PAM_WB_CACHED_LOGON(x) (x & NETLOGON_CACHED_ACCOUNT) +#define PAM_WB_CACHED_LOGON(x) (x & WBC_AUTH_USER_INFO_CACHED_ACCOUNT) #define PAM_WB_KRB5_CLOCK_SKEW(x) (x & LOGON_KRB5_FAIL_CLOCK_SKEW) -#define PAM_WB_GRACE_LOGON(x) ((NETLOGON_CACHED_ACCOUNT|NETLOGON_GRACE_LOGON) == ( x & (NETLOGON_CACHED_ACCOUNT|NETLOGON_GRACE_LOGON))) +#define PAM_WB_GRACE_LOGON(x) ((WBC_AUTH_USER_INFO_CACHED_ACCOUNT|WBC_AUTH_USER_INFO_GRACE_LOGON) == ( x & (WBC_AUTH_USER_INFO_CACHED_ACCOUNT|WBC_AUTH_USER_INFO_GRACE_LOGON))) struct pwb_context { pam_handle_t *pamh; @@ -209,3 +150,8 @@ struct pwb_context { dictionary *dict; uint32_t ctrl; }; + +#define TALLOC_FREE(ctx) do { if ((ctx) != NULL) {talloc_free(ctx); ctx=NULL;} } while(0) +#define TALLOC_ZERO_P(ctx, type) (type *)_talloc_zero(ctx, sizeof(type), #type) +#define TALLOC_P(ctx, type) (type *)talloc_named_const(ctx, sizeof(type), #type) + diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 60524d1d1b..fc49be4314 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -538,8 +538,8 @@ static bool wbinfo_dsgetdcname(const char *domain_name, uint32_t flags) ZERO_STRUCT(request); ZERO_STRUCT(response); - fstrcpy(request.domain_name, domain_name); - request.flags = flags; + fstrcpy(request.data.dsgetdcname.domain_name, domain_name); + request.data.dsgetdcname.flags = flags; request.flags |= DS_DIRECTORY_SERVICE_REQUIRED; @@ -553,7 +553,15 @@ static bool wbinfo_dsgetdcname(const char *domain_name, uint32_t flags) /* Display response */ - d_printf("%s\n", response.data.dc_name); + d_printf("%s\n", response.data.dsgetdcname.dc_unc); + d_printf("%s\n", response.data.dsgetdcname.dc_address); + d_printf("%d\n", response.data.dsgetdcname.dc_address_type); + d_printf("%s\n", response.data.dsgetdcname.domain_guid); + d_printf("%s\n", response.data.dsgetdcname.domain_name); + d_printf("%s\n", response.data.dsgetdcname.forest_name); + d_printf("0x%08x\n", response.data.dsgetdcname.dc_flags); + d_printf("%s\n", response.data.dsgetdcname.dc_site_name); + d_printf("%s\n", response.data.dsgetdcname.client_site_name); return true; } diff --git a/source3/nsswitch/winbind_krb5_locator.c b/source3/nsswitch/winbind_krb5_locator.c index 990c2cae50..b9e35bdec5 100644 --- a/source3/nsswitch/winbind_krb5_locator.c +++ b/source3/nsswitch/winbind_krb5_locator.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. kerberos locator plugin - Copyright (C) Guenther Deschner 2007 + Copyright (C) Guenther Deschner 2007-2008 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -18,6 +18,7 @@ */ #include "nsswitch/winbind_client.h" +#include "libwbclient/wbclient.h" #ifndef DEBUG_KRB5 #undef DEBUG_KRB5 @@ -244,37 +245,50 @@ static void smb_krb5_locator_close(void *private_data) static bool ask_winbind(const char *realm, char **dcname) { - NSS_STATUS status; - struct winbindd_request request; - struct winbindd_response response; + wbcErr wbc_status; + const char *dc = NULL; + struct wbcDomainControllerInfoEx *dc_info = NULL; + uint32_t flags; - ZERO_STRUCT(request); - ZERO_STRUCT(response); + flags = WBC_LOOKUP_DC_KDC_REQUIRED | + WBC_LOOKUP_DC_IS_DNS_NAME | + WBC_LOOKUP_DC_RETURN_DNS_NAME | + WBC_LOOKUP_DC_IP_REQUIRED; - request.flags = 0x40020600; - /* DS_KDC_REQUIRED | - DS_IS_DNS_NAME | - DS_RETURN_DNS_NAME | - DS_IP_REQUIRED */ + wbc_status = wbcLookupDomainControllerEx(realm, NULL, NULL, flags, &dc_info); - strncpy(request.domain_name, realm, - sizeof(request.domain_name)-1); - - status = winbindd_request_response(WINBINDD_DSGETDCNAME, - &request, &response); - if (status != NSS_STATUS_SUCCESS) { + if (!WBC_ERROR_IS_OK(wbc_status)) { #ifdef DEBUG_KRB5 fprintf(stderr,"[%5u]: smb_krb5_locator_lookup: failed with: %s\n", - (unsigned int)getpid(), nss_err_str(status)); + (unsigned int)getpid(), wbcErrorString(wbc_status)); #endif return false; } - *dcname = strdup(response.data.dc_name); + if (dc_info->dc_address) { + dc = dc_info->dc_address; + if (dc[0] == '\\') dc++; + if (dc[0] == '\\') dc++; + } + + if (!dc && dc_info->dc_unc) { + dc = dc_info->dc_unc; + if (dc[0] == '\\') dc++; + if (dc[0] == '\\') dc++; + } + + if (!dc) { + wbcFreeMemory(dc_info); + return false; + } + + *dcname = strdup(dc); if (!*dcname) { + wbcFreeMemory(dc_info); return false; } + wbcFreeMemory(dc_info); return true; } diff --git a/source3/nsswitch/winbind_struct_protocol.h b/source3/nsswitch/winbind_struct_protocol.h index e81813c77b..ff52dbddaf 100644 --- a/source3/nsswitch/winbind_struct_protocol.h +++ b/source3/nsswitch/winbind_struct_protocol.h @@ -313,6 +313,12 @@ struct winbindd_request { uint32_t initial_blob_len; /* blobs in extra_data */ uint32_t challenge_blob_len; } ccache_ntlm_auth; + struct { + fstring domain_name; + fstring domain_guid; + fstring site_name; + uint32_t flags; + } dsgetdcname; /* padding -- needed to fix alignment between 32bit and 64bit libs. The size is the sizeof the union without the padding aligned on @@ -453,6 +459,17 @@ struct winbindd_response { struct { uint32_t auth_blob_len; /* blob in extra_data */ } ccache_ntlm_auth; + struct { + fstring dc_unc; + fstring dc_address; + uint32_t dc_address_type; + fstring domain_guid; + fstring domain_name; + fstring forest_name; + uint32_t dc_flags; + fstring dc_site_name; + fstring client_site_name; + } dsgetdcname; } data; /* Variable length return data */ diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 60a1fa4858..1191c3d3aa 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -52,6 +52,7 @@ */ #include "includes.h" +#include "printing.h" bool bLoaded = False; @@ -340,6 +341,7 @@ struct global { int iKeepalive; int iminreceivefile; struct param_opt_struct *param_opt; + int cups_connection_timeout; }; static struct global Globals; @@ -2595,6 +2597,15 @@ static struct parm_struct parm_table[] = { .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL, }, { + .label = "cups connection timeout", + .type = P_INTEGER, + .p_class = P_GLOBAL, + .ptr = &Globals.cups_connection_timeout, + .special = NULL, + .enum_list = NULL, + .flags = FLAG_ADVANCED, + }, + { .label = "iprint server", .type = P_STRING, .p_class = P_GLOBAL, @@ -4561,6 +4572,54 @@ static void init_printer_values(struct service *pService) } } +/** + * Free the allocated data for one parameter for a given share. + */ +static void free_parameter(int snum, struct parm_struct parm) +{ + void *parm_ptr; + + if (parm.ptr == NULL); { + return; + } + + if (snum < 0) { + parm_ptr = parm.ptr; + } else if (parm.p_class != P_LOCAL) { + return; + } else { + parm_ptr = lp_local_ptr(snum, parm.ptr); + } + + if ((parm.type == P_STRING) || + (parm.type == P_USTRING)) + { + string_free((char**)parm_ptr); + } else if (parm.type == P_LIST) { + TALLOC_FREE(*((char***)parm_ptr)); + } +} + +/** + * Free the allocated parameter data for a share. + */ +static void free_parameters(int snum) +{ + uint32_t i; + + for (i=0; parm_table[i].label; i++) { + free_parameter(snum, parm_table[i]); + } +} + +/** + * Free the allocated global parameters. + */ +static void free_global_parameters(void) +{ + free_parameters(GLOBAL_SECTION_SNUM); +} + /*************************************************************************** Initialise the global parameter structure. ***************************************************************************/ @@ -4585,14 +4644,7 @@ static void init_globals(bool first_time_only) } done_init = True; } else { - for (i = 0; parm_table[i].label; i++) { - if ((parm_table[i].type == P_STRING || - parm_table[i].type == P_USTRING) && - parm_table[i].ptr) - { - string_free((char **)parm_table[i].ptr); - } - } + free_global_parameters(); } memset((void *)&Globals, '\0', sizeof(Globals)); @@ -4794,6 +4846,7 @@ static void init_globals(bool first_time_only) * to never expire, though, when this runs out the afs client will * forget the token. Set to 0 to get NEVERDATE.*/ Globals.iAfsTokenLifetime = 604800; + Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT; /* these parameters are set to defaults that are more appropriate for the increasing samba install base: @@ -5235,6 +5288,7 @@ FN_GLOBAL_LIST(lp_svcctl_list, &Globals.szServicesList) FN_LOCAL_STRING(lp_cups_options, szCupsOptions) FN_GLOBAL_STRING(lp_cups_server, &Globals.szCupsServer) FN_GLOBAL_STRING(lp_iprint_server, &Globals.szIPrintServer) +FN_GLOBAL_INTEGER(lp_cups_connection_timeout, &Globals.cups_connection_timeout) FN_GLOBAL_CONST_STRING(lp_ctdbd_socket, &Globals.ctdbdSocket) FN_GLOBAL_LIST(lp_cluster_addresses, &Globals.szClusterAddresses) FN_GLOBAL_BOOL(lp_clustering, &Globals.clustering) @@ -5377,6 +5431,7 @@ static bool do_section(const char *pszSectionName, void *userdata); static void init_copymap(struct service *pservice); static bool hash_a_service(const char *name, int number); static void free_service_byindex(int iService); +static void free_param_opts(struct param_opt_struct **popts); static char * canonicalize_servicename(const char *name); static void show_parameter(int parmIndex); static bool is_synonym_of(int parm1, int parm2, bool *inverse); @@ -5631,14 +5686,42 @@ static void init_service(struct service *pservice) copy_service(pservice, &sDefault, NULL); } + +/** + * free a param_opts structure. + * param_opts handling should be moved to talloc; + * then this whole functions reduces to a TALLOC_FREE(). + */ + +static void free_param_opts(struct param_opt_struct **popts) +{ + struct param_opt_struct *opt, *next_opt; + + if (popts == NULL) { + return; + } + + if (*popts != NULL) { + DEBUG(5, ("Freeing parametrics:\n")); + } + opt = *popts; + while (opt != NULL) { + string_free(&opt->key); + string_free(&opt->value); + TALLOC_FREE(opt->list); + next_opt = opt->next; + SAFE_FREE(opt); + opt = next_opt; + } + *popts = NULL; +} + /*************************************************************************** Free the dynamically allocated parts of a service struct. ***************************************************************************/ static void free_service(struct service *pservice) { - int i; - struct param_opt_struct *data, *pdata; if (!pservice) return; @@ -5646,36 +5729,12 @@ static void free_service(struct service *pservice) DEBUG(5, ("free_service: Freeing service %s\n", pservice->szService)); + free_parameters(getservicebyname(pservice->szService, NULL)); + string_free(&pservice->szService); bitmap_free(pservice->copymap); - for (i = 0; parm_table[i].label; i++) { - if ((parm_table[i].type == P_STRING || - parm_table[i].type == P_USTRING) && - parm_table[i].p_class == P_LOCAL) - string_free((char **) - (((char *)pservice) + - PTR_DIFF(parm_table[i].ptr, &sDefault))); - else if (parm_table[i].type == P_LIST && - parm_table[i].p_class == P_LOCAL) - TALLOC_FREE(*((char ***) - (((char *)pservice) + - PTR_DIFF(parm_table[i].ptr, - &sDefault)))); - } - - data = pservice->param_opt; - if (data) - DEBUG(5,("Freeing parametrics:\n")); - while (data) { - DEBUG(5,("[%s = %s]\n", data->key, data->value)); - string_free(&data->key); - string_free(&data->value); - TALLOC_FREE(data->list); - pdata = data->next; - SAFE_FREE(data); - data = pdata; - } + free_param_opts(&pservice->param_opt); ZERO_STRUCTP(pservice); } @@ -5717,7 +5776,6 @@ static int add_a_service(const struct service *pservice, const char *name) int i; struct service tservice; int num_to_alloc = iNumServices + 1; - struct param_opt_struct *data, *pdata; tservice = *pservice; @@ -5727,16 +5785,7 @@ static int add_a_service(const struct service *pservice, const char *name) if (i >= 0) { /* Clean all parametric options for service */ /* They will be added during parsing again */ - data = ServicePtrs[i]->param_opt; - while (data) { - string_free(&data->key); - string_free(&data->value); - TALLOC_FREE(data->list); - pdata = data->next; - SAFE_FREE(data); - data = pdata; - } - ServicePtrs[i]->param_opt = NULL; + free_param_opts(&ServicePtrs[i]->param_opt); return (i); } } @@ -6395,13 +6444,51 @@ static int getservicebyname(const char *pszServiceName, struct service *pservice If pcopymapDest is NULL then copy all fields ***************************************************************************/ +/** + * Add a parametric option to a param_opt_struct, + * replacing old value, if already present. + */ +static void set_param_opt(struct param_opt_struct **opt_list, + const char *opt_name, + const char *opt_value) +{ + struct param_opt_struct *new_opt, *opt; + bool not_added; + + if (opt_list == NULL) { + return; + } + + opt = *opt_list; + not_added = true; + + /* Traverse destination */ + while (opt) { + /* If we already have same option, override it */ + if (strwicmp(opt->key, opt_name) == 0) { + string_free(&opt->value); + TALLOC_FREE(opt->list); + opt->value = SMB_STRDUP(opt_value); + not_added = false; + break; + } + opt = opt->next; + } + if (not_added) { + new_opt = SMB_XMALLOC_P(struct param_opt_struct); + new_opt->key = SMB_STRDUP(opt_name); + new_opt->value = SMB_STRDUP(opt_value); + new_opt->list = NULL; + DLIST_ADD(*opt_list, new_opt); + } +} + static void copy_service(struct service *pserviceDest, struct service *pserviceSource, struct bitmap *pcopymapDest) { int i; bool bcopyall = (pcopymapDest == NULL); - struct param_opt_struct *data, *pdata, *paramo; - bool not_added; + struct param_opt_struct *data; for (i = 0; parm_table[i].label; i++) if (parm_table[i].ptr && parm_table[i].p_class == P_LOCAL && @@ -6459,27 +6546,7 @@ static void copy_service(struct service *pserviceDest, struct service *pserviceS data = pserviceSource->param_opt; while (data) { - not_added = True; - pdata = pserviceDest->param_opt; - /* Traverse destination */ - while (pdata) { - /* If we already have same option, override it */ - if (strwicmp(pdata->key, data->key) == 0) { - string_free(&pdata->value); - TALLOC_FREE(data->list); - pdata->value = SMB_STRDUP(data->value); - not_added = False; - break; - } - pdata = pdata->next; - } - if (not_added) { - paramo = SMB_XMALLOC_P(struct param_opt_struct); - paramo->key = SMB_STRDUP(data->key); - paramo->value = SMB_STRDUP(data->value); - paramo->list = NULL; - DLIST_ADD(pserviceDest->param_opt, paramo); - } + set_param_opt(&pserviceDest->param_opt, data->key, data->value); data = data->next; } } @@ -6547,7 +6614,7 @@ static struct smbconf_ctx *lp_smbconf_ctx(void) return conf_ctx; } -static bool process_registry_service(struct smbconf_service *service) +static bool process_smbconf_service(struct smbconf_service *service) { uint32_t count; bool ret; @@ -6603,7 +6670,7 @@ static bool process_registry_globals(void) goto done; } - ret = process_registry_service(service); + ret = process_smbconf_service(service); if (!ret) { goto done; } @@ -6641,7 +6708,7 @@ static bool process_registry_shares(void) if (strequal(service[count]->name, GLOBAL_NAME)) { continue; } - ret = process_registry_service(service[count]); + ret = process_smbconf_service(service[count]); if (!ret) { goto done; } @@ -7144,14 +7211,11 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue int parmnum, i; void *parm_ptr = NULL; /* where we are going to store the result */ void *def_ptr = NULL; - struct param_opt_struct *paramo, *data; - bool not_added; + struct param_opt_struct **opt_list; parmnum = map_parameter(pszParmName); if (parmnum < 0) { - TALLOC_CTX *frame; - if (strchr(pszParmName, ':') == NULL) { DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName)); @@ -7162,37 +7226,10 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue * We've got a parametric option */ - frame = talloc_stackframe(); + opt_list = (snum < 0) + ? &Globals.param_opt : &ServicePtrs[snum]->param_opt; + set_param_opt(opt_list, pszParmName, pszParmValue); - not_added = True; - data = (snum < 0) - ? Globals.param_opt : ServicePtrs[snum]->param_opt; - /* Traverse destination */ - while (data) { - /* If we already have same option, override it */ - if (strwicmp(data->key, pszParmName) == 0) { - string_free(&data->value); - TALLOC_FREE(data->list); - data->value = SMB_STRDUP(pszParmValue); - not_added = False; - break; - } - data = data->next; - } - if (not_added) { - paramo = SMB_XMALLOC_P(struct param_opt_struct); - paramo->key = SMB_STRDUP(pszParmName); - paramo->value = SMB_STRDUP(pszParmValue); - paramo->list = NULL; - if (snum < 0) { - DLIST_ADD(Globals.param_opt, paramo); - } else { - DLIST_ADD(ServicePtrs[snum]->param_opt, - paramo); - } - } - - TALLOC_FREE(frame); return (True); } @@ -7213,9 +7250,7 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue pszParmName)); return (True); } - parm_ptr = - ((char *)ServicePtrs[snum]) + PTR_DIFF(def_ptr, - &sDefault); + parm_ptr = lp_local_ptr(snum, def_ptr); } if (snum >= 0) { @@ -7813,7 +7848,7 @@ static void lp_add_auto_services(char *str) Auto-load one printer. ***************************************************************************/ -void lp_add_one_printer(char *name, char *comment) +void lp_add_one_printer(const char *name, const char *comment, void *pdata) { int printers = lp_servicenumber(PRINTERS_NAME); int i; @@ -8721,17 +8756,7 @@ void gfree_loadparm(void) /* Now release all resources allocated to global parameters and the default service */ - for (i = 0; parm_table[i].label; i++) - { - if ( parm_table[i].type == P_STRING - || parm_table[i].type == P_USTRING ) - { - string_free( (char**)parm_table[i].ptr ); - } - else if (parm_table[i].type == P_LIST) { - TALLOC_FREE( *((char***)parm_table[i].ptr) ); - } - } + free_global_parameters(); } @@ -8752,9 +8777,6 @@ bool lp_is_in_client(void) return in_client; } - - - /*************************************************************************** Load the services array from the services file. Return True on success, False on failure. @@ -8770,7 +8792,6 @@ bool lp_load_ex(const char *pszFname, { char *n2 = NULL; bool bRetval; - struct param_opt_struct *data, *pdata; bRetval = False; @@ -8788,22 +8809,11 @@ bool lp_load_ex(const char *pszFname, lp_save_defaults(); } + free_param_opts(&Globals.param_opt); + /* We get sections first, so have to start 'behind' to make up */ iServiceIndex = -1; - if (Globals.param_opt != NULL) { - data = Globals.param_opt; - while (data) { - string_free(&data->key); - string_free(&data->value); - TALLOC_FREE(data->list); - pdata = data->next; - SAFE_FREE(data); - data = pdata; - } - Globals.param_opt = NULL; - } - if (lp_config_backend_is_file()) { n2 = alloc_sub_basic(get_current_username(), current_user_info.domain, diff --git a/source3/param/test_lp_load.c b/source3/param/test_lp_load.c new file mode 100644 index 0000000000..db1bad4726 --- /dev/null +++ b/source3/param/test_lp_load.c @@ -0,0 +1,88 @@ +/* + * Unix SMB/CIFS implementation. + * Test for lp_load() + * Copyright (C) Michael Adam 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" + +extern bool AllowDebugChange; + +int main(int argc, const char **argv) +{ + const char *config_file = get_dyn_CONFIGFILE(); + int ret = 0; + poptContext pc; + char *count_str = NULL; + int i, count = 1; + + struct poptOption long_options[] = { + POPT_AUTOHELP + {"count", 'c', POPT_ARG_STRING, &count_str, 1, + "Load config <count> number of times"}, + POPT_COMMON_DEBUGLEVEL + POPT_TABLEEND + }; + + TALLOC_CTX *frame = talloc_stackframe(); + + load_case_tables(); + DEBUGLEVEL_CLASS[DBGC_ALL] = 0; + + pc = poptGetContext(NULL, argc, argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + poptSetOtherOptionHelp(pc, "[OPTION...] <config-file>"); + + while(poptGetNextOpt(pc) != -1); + + setup_logging(poptGetArg(pc), True); + + if (poptPeekArg(pc)) { + config_file = poptGetArg(pc); + } + + poptFreeContext(pc); + + if (count_str != NULL) { + count = atoi(count_str); + } + + dbf = x_stderr; + /* Don't let the debuglevel be changed by smb.conf. */ + AllowDebugChange = False; + + for (i=0; i < count; i++) { + printf("call lp_load() #%d: ", i+1); + if (!lp_load_with_registry_shares(config_file, + False, /* global only */ + True, /* save defaults */ + False, /*add_ipc */ + True)) /*init globals */ + { + printf("ERROR.\n"); + ret = 1; + goto done; + } + printf("ok.\n"); + } + + +done: + TALLOC_FREE(frame); + gfree_loadparm(); + return ret; +} + diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 4527ae7127..306d4d0a35 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -259,6 +259,31 @@ bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid) return True; } +bool secrets_store_local_schannel_key(uint8_t schannel_key[16]) +{ + return secrets_store(SECRETS_LOCAL_SCHANNEL_KEY, schannel_key, 16); +} + +bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]) +{ + size_t size = 0; + uint8_t *key; + + key = (uint8_t *)secrets_fetch(SECRETS_LOCAL_SCHANNEL_KEY, &size); + if (key == NULL) { + return false; + } + + if (size != 16) { + SAFE_FREE(key); + return false; + } + + memcpy(schannel_key, key, 16); + SAFE_FREE(key); + return true; +} + /** * Form a key for fetching the machine trust account sec channel type * diff --git a/source3/printing/load.c b/source3/printing/load.c index 23144d5a95..fc21f271bd 100644 --- a/source3/printing/load.c +++ b/source3/printing/load.c @@ -60,5 +60,5 @@ void load_printers(void) /* load all printcap printers */ if (lp_load_printers() && lp_servicenumber(PRINTERS_NAME) >= 0) - pcap_printer_fn(lp_add_one_printer); + pcap_printer_fn(lp_add_one_printer, NULL); } diff --git a/source3/printing/notify.c b/source3/printing/notify.c index 23df17c389..f6599c413d 100644 --- a/source3/printing/notify.c +++ b/source3/printing/notify.c @@ -34,6 +34,7 @@ static struct notify_queue { size_t buflen; } *notify_queue_head = NULL; +static struct timed_event *notify_event; static bool create_send_ctx(void) { @@ -214,6 +215,22 @@ void print_notify_send_messages(struct messaging_context *msg_ctx, num_messages = 0; } +/******************************************************************* + Event handler to send the messages. +*******************************************************************/ + +static void print_notify_event_send_messages(struct event_context *event_ctx, + struct timed_event *te, + const struct timeval *now, + void *private_data) +{ + /* Remove this timed event handler. */ + TALLOC_FREE(notify_event); + + change_to_root_user(); + print_notify_send_messages(smbd_messaging_context(), 0); +} + /********************************************************************** deep copy a SPOOLSS_NOTIFY_MSG structure using a TALLOC_CTX *********************************************************************/ @@ -304,6 +321,15 @@ to notify_queue_head\n", msg->type, msg->field, msg->printer)); DLIST_ADD_END(notify_queue_head, pnqueue, struct notify_queue *); num_messages++; + + if (smbd_event_context()) { + /* Add an event for 1 second's time to send this queue. */ + notify_event = event_add_timed(smbd_event_context(), NULL, + timeval_current_ofs(1,0), + "print_notify", + print_notify_event_send_messages, NULL); + } + } static void send_notify_field_values(const char *sharename, uint32 type, diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index ded985c260..850375e82b 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1377,6 +1377,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr } } close_file(fsp, NORMAL_CLOSE); + fsp = NULL; /* Get file version info (if available) for new file */ filepath = driver_unix_convert(conn,new_file,&stat_buf); @@ -1417,6 +1418,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr } } close_file(fsp, NORMAL_CLOSE); + fsp = NULL; if (use_version && (new_major != old_major || new_minor != old_minor)) { /* Compare versions and choose the larger version number */ @@ -5491,7 +5493,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) { SEC_ACE ace[5]; /* max number of ace entries */ int i = 0; - SEC_ACCESS sa; + uint32_t sa; SEC_ACL *psa = NULL; SEC_DESC_BUF *sdb = NULL; SEC_DESC *psd = NULL; @@ -5500,7 +5502,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) /* Create an ACE where Everyone is allowed to print */ - init_sec_access(&sa, PRINTER_ACE_PRINT); + sa = PRINTER_ACE_PRINT; init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, SEC_ACE_FLAG_CONTAINER_INHERIT); @@ -5512,7 +5514,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) sid_copy(&domadmins_sid, get_global_sam_sid()); sid_append_rid(&domadmins_sid, DOMAIN_GROUP_RID_ADMINS); - init_sec_access(&sa, PRINTER_ACE_FULL_CONTROL); + sa = PRINTER_ACE_FULL_CONTROL; init_sec_ace(&ace[i++], &domadmins_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY); @@ -5522,7 +5524,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) else if (secrets_fetch_domain_sid(lp_workgroup(), &adm_sid)) { sid_append_rid(&adm_sid, DOMAIN_USER_RID_ADMIN); - init_sec_access(&sa, PRINTER_ACE_FULL_CONTROL); + sa = PRINTER_ACE_FULL_CONTROL; init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY); @@ -5532,7 +5534,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) /* add BUILTIN\Administrators as FULL CONTROL */ - init_sec_access(&sa, PRINTER_ACE_FULL_CONTROL); + sa = PRINTER_ACE_FULL_CONTROL; init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY); diff --git a/source3/printing/pcap.c b/source3/printing/pcap.c index 30cb254a29..10c1a2d608 100644 --- a/source3/printing/pcap.c +++ b/source3/printing/pcap.c @@ -63,41 +63,51 @@ #include "includes.h" -typedef struct pcap_cache { +struct pcap_cache { char *name; char *comment; struct pcap_cache *next; -} pcap_cache_t; +}; -static pcap_cache_t *pcap_cache = NULL; +/* The systemwide printcap cache. */ +static struct pcap_cache *pcap_cache = NULL; -bool pcap_cache_add(const char *name, const char *comment) +bool pcap_cache_add_specific(struct pcap_cache **ppcache, const char *name, const char *comment) { - pcap_cache_t *p; + struct pcap_cache *p; - if (name == NULL || ((p = SMB_MALLOC_P(pcap_cache_t)) == NULL)) - return False; + if (name == NULL || ((p = SMB_MALLOC_P(struct pcap_cache)) == NULL)) + return false; p->name = SMB_STRDUP(name); p->comment = (comment && *comment) ? SMB_STRDUP(comment) : NULL; - p->next = pcap_cache; - pcap_cache = p; + DEBUG(11,("pcap_cache_add_specific: Adding name %s info %s\n", + p->name, p->comment ? p->comment : "")); + + p->next = *ppcache; + *ppcache = p; - return True; + return true; } -static void pcap_cache_destroy(pcap_cache_t *cache) +void pcap_cache_destroy_specific(struct pcap_cache **pp_cache) { - pcap_cache_t *p, *next; + struct pcap_cache *p, *next; - for (p = cache; p != NULL; p = next) { + for (p = *pp_cache; p != NULL; p = next) { next = p->next; SAFE_FREE(p->name); SAFE_FREE(p->comment); SAFE_FREE(p); } + *pp_cache = NULL; +} + +bool pcap_cache_add(const char *name, const char *comment) +{ + return pcap_cache_add_specific(&pcap_cache, name, comment); } bool pcap_cache_loaded(void) @@ -105,11 +115,21 @@ bool pcap_cache_loaded(void) return (pcap_cache != NULL); } +void pcap_cache_replace(const struct pcap_cache *pcache) +{ + const struct pcap_cache *p; + + pcap_cache_destroy_specific(&pcap_cache); + for (p = pcache; p; p = p->next) { + pcap_cache_add(p->name, p->comment); + } +} + void pcap_cache_reload(void) { const char *pcap_name = lp_printcapname(); bool pcap_reloaded = False; - pcap_cache_t *tmp_cache = NULL; + struct pcap_cache *tmp_cache = NULL; XFILE *pcap_file; char *pcap_line; @@ -223,9 +243,9 @@ done: DEBUG(3, ("reload status: %s\n", (pcap_reloaded) ? "ok" : "error")); if (pcap_reloaded) - pcap_cache_destroy(tmp_cache); + pcap_cache_destroy_specific(&tmp_cache); else { - pcap_cache_destroy(pcap_cache); + pcap_cache_destroy_specific(&pcap_cache); pcap_cache = tmp_cache; } @@ -235,7 +255,7 @@ done: bool pcap_printername_ok(const char *printername) { - pcap_cache_t *p; + struct pcap_cache *p; for (p = pcap_cache; p != NULL; p = p->next) if (strequal(p->name, printername)) @@ -245,19 +265,22 @@ bool pcap_printername_ok(const char *printername) } /*************************************************************************** -run a function on each printer name in the printcap file. The function is -passed the primary name and the comment (if possible). Note the fn() takes -strings in DOS codepage. This means the xxx_printer_fn() calls must be fixed -to return DOS codepage. FIXME !! JRA. - -XXX: I'm not sure if this comment still applies.. Anyone? -Rob +run a function on each printer name in the printcap file. ***************************************************************************/ -void pcap_printer_fn(void (*fn)(char *, char *)) + +void pcap_printer_fn_specific(const struct pcap_cache *pc, + void (*fn)(const char *, const char *, void *), + void *pdata) { - pcap_cache_t *p; + const struct pcap_cache *p; - for (p = pcap_cache; p != NULL; p = p->next) - fn(p->name, p->comment); + for (p = pc; p != NULL; p = p->next) + fn(p->name, p->comment, pdata); return; } + +void pcap_printer_fn(void (*fn)(const char *, const char *, void *), void *pdata) +{ + return pcap_printer_fn_specific(pcap_cache, fn, pdata); +} diff --git a/source3/printing/print_cups.c b/source3/printing/print_cups.c index 593c5c7a1f..ca3415ca5a 100644 --- a/source3/printing/print_cups.c +++ b/source3/printing/print_cups.c @@ -2,21 +2,26 @@ * Support code for the Common UNIX Printing System ("CUPS") * * Copyright 1999-2003 by Michael R Sweet. + * Copyright 2008 Jeremy Allison. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, see <http://www.gnu.org/licenses/>. */ +/* + * JRA. Converted to utf8 pull/push. + */ + #include "includes.h" #include "printing.h" @@ -24,6 +29,17 @@ #include <cups/cups.h> #include <cups/language.h> +static SIG_ATOMIC_T gotalarm; + +/*************************************************************** + Signal function to tell us we timed out. +****************************************************************/ + +static void gotalarm_sig(void) +{ + gotalarm = 1; +} + extern userdom_struct current_user_info; /* @@ -40,16 +56,23 @@ cups_passwd_cb(const char *prompt) /* I - Prompt */ return (NULL); } -static http_t *cups_connect(void) +static http_t *cups_connect(TALLOC_CTX *frame) { - http_t *http; - char *server, *p; + http_t *http = NULL; + char *server = NULL, *p = NULL; int port; - + int timeout = lp_cups_connection_timeout(); + size_t size; + if (lp_cups_server() != NULL && strlen(lp_cups_server()) > 0) { - server = smb_xstrdup(lp_cups_server()); + if (!push_utf8_talloc(frame, &server, lp_cups_server(), &size)) { + return NULL; + } } else { - server = smb_xstrdup(cupsServer()); + server = talloc_strdup(frame,cupsServer()); + } + if (!server) { + return NULL; } p = strchr(server, ':'); @@ -59,23 +82,70 @@ static http_t *cups_connect(void) } else { port = ippPort(); } - + DEBUG(10, ("connecting to cups server %s:%d\n", server, port)); - if ((http = httpConnect(server, port)) == NULL) { - DEBUG(0,("Unable to connect to CUPS server %s:%d - %s\n", + gotalarm = 0; + + if (timeout) { + CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig); + alarm(timeout); + } + + http = httpConnect(server, port); + + CatchSignal(SIGALRM, SIGNAL_CAST SIG_IGN); + alarm(0); + + if (http == NULL) { + DEBUG(0,("Unable to connect to CUPS server %s:%d - %s\n", server, port, strerror(errno))); - SAFE_FREE(server); - return NULL; } - SAFE_FREE(server); return http; } -bool cups_cache_reload(void) +static void send_pcap_info(const char *name, const char *info, void *pd) +{ + int fd = *(int *)pd; + size_t namelen = name ? strlen(name)+1 : 0; + size_t infolen = info ? strlen(info)+1 : 0; + + DEBUG(11,("send_pcap_info: writing namelen %u\n", (unsigned int)namelen)); + if (sys_write(fd, &namelen, sizeof(namelen)) != sizeof(namelen)) { + DEBUG(10,("send_pcap_info: namelen write failed %s\n", + strerror(errno))); + return; + } + DEBUG(11,("send_pcap_info: writing infolen %u\n", (unsigned int)infolen)); + if (sys_write(fd, &infolen, sizeof(infolen)) != sizeof(infolen)) { + DEBUG(10,("send_pcap_info: infolen write failed %s\n", + strerror(errno))); + return; + } + if (namelen) { + DEBUG(11,("send_pcap_info: writing name %s\n", name)); + if (sys_write(fd, name, namelen) != namelen) { + DEBUG(10,("send_pcap_info: name write failed %s\n", + strerror(errno))); + return; + } + } + if (infolen) { + DEBUG(11,("send_pcap_info: writing info %s\n", info)); + if (sys_write(fd, info, infolen) != infolen) { + DEBUG(10,("send_pcap_info: info write failed %s\n", + strerror(errno))); + return; + } + } +} + +static bool cups_cache_reload_async(int fd) { + TALLOC_CTX *frame = talloc_stackframe(); + struct pcap_cache *tmp_pcap_cache = NULL; http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ @@ -87,8 +157,9 @@ bool cups_cache_reload(void) { "printer-name", "printer-info" - }; + }; bool ret = False; + size_t size; DEBUG(5, ("reloading cups printcap cache\n")); @@ -102,7 +173,7 @@ bool cups_cache_reload(void) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -123,7 +194,7 @@ bool cups_cache_reload(void) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -163,12 +234,24 @@ bool cups_cache_reload(void) while (attr != NULL && attr->group_tag == IPP_TAG_PRINTER) { if (strcmp(attr->name, "printer-name") == 0 && - attr->value_tag == IPP_TAG_NAME) - name = attr->values[0].string.text; + attr->value_tag == IPP_TAG_NAME) { + if (!pull_utf8_talloc(frame, + &name, + attr->values[0].string.text, + &size)) { + goto out; + } + } if (strcmp(attr->name, "printer-info") == 0 && - attr->value_tag == IPP_TAG_TEXT) - info = attr->values[0].string.text; + attr->value_tag == IPP_TAG_TEXT) { + if (!pull_utf8_talloc(frame, + &info, + attr->values[0].string.text, + &size)) { + goto out; + } + } attr = attr->next; } @@ -180,7 +263,7 @@ bool cups_cache_reload(void) if (name == NULL) break; - if (!pcap_cache_add(name, info)) { + if (!pcap_cache_add_specific(&tmp_pcap_cache, name, info)) { goto out; } } @@ -203,7 +286,7 @@ bool cups_cache_reload(void) request->request.op.request_id = 1; ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -243,12 +326,24 @@ bool cups_cache_reload(void) while (attr != NULL && attr->group_tag == IPP_TAG_PRINTER) { if (strcmp(attr->name, "printer-name") == 0 && - attr->value_tag == IPP_TAG_NAME) - name = attr->values[0].string.text; + attr->value_tag == IPP_TAG_NAME) { + if (!pull_utf8_talloc(frame, + &name, + attr->values[0].string.text, + &size)) { + goto out; + } + } if (strcmp(attr->name, "printer-info") == 0 && - attr->value_tag == IPP_TAG_TEXT) - info = attr->values[0].string.text; + attr->value_tag == IPP_TAG_TEXT) { + if (!pull_utf8_talloc(frame, + &info, + attr->values[0].string.text, + &size)) { + goto out; + } + } attr = attr->next; } @@ -260,7 +355,7 @@ bool cups_cache_reload(void) if (name == NULL) break; - if (!pcap_cache_add(name, info)) { + if (!pcap_cache_add_specific(&tmp_pcap_cache, name, info)) { goto out; } } @@ -277,9 +372,229 @@ bool cups_cache_reload(void) if (http) httpClose(http); + /* Send all the entries up the pipe. */ + if (tmp_pcap_cache) { + pcap_printer_fn_specific(tmp_pcap_cache, + send_pcap_info, + (void *)&fd); + + pcap_cache_destroy_specific(&tmp_pcap_cache); + } + TALLOC_FREE(frame); return ret; } +static struct pcap_cache *local_pcap_copy; +struct fd_event *cache_fd_event; + +static bool cups_pcap_load_async(int *pfd) +{ + int fds[2]; + pid_t pid; + + *pfd = -1; + + if (cache_fd_event) { + DEBUG(3,("cups_pcap_load_async: already waiting for " + "a refresh event\n" )); + return false; + } + + DEBUG(5,("cups_pcap_load_async: asynchronously loading cups printers\n")); + + if (pipe(fds) == -1) { + return false; + } + + pid = sys_fork(); + if (pid == (pid_t)-1) { + DEBUG(10,("cups_pcap_load_async: fork failed %s\n", + strerror(errno) )); + close(fds[0]); + close(fds[1]); + return false; + } + + if (pid) { + DEBUG(10,("cups_pcap_load_async: child pid = %u\n", + (unsigned int)pid )); + /* Parent. */ + close(fds[1]); + *pfd = fds[0]; + return true; + } + + /* Child. */ + if (!reinit_after_fork(smbd_messaging_context(), true)) { + DEBUG(0,("cups_pcap_load_async: reinit_after_fork() failed\n")); + smb_panic("cups_pcap_load_async: reinit_after_fork() failed"); + } + + close(fds[0]); + cups_cache_reload_async(fds[1]); + close(fds[1]); + _exit(0); +} + +static void cups_async_callback(struct event_context *event_ctx, + struct fd_event *event, + uint16 flags, + void *p) +{ + TALLOC_CTX *frame = talloc_stackframe(); + int fd = *(int *)p; + struct pcap_cache *tmp_pcap_cache = NULL; + + DEBUG(5,("cups_async_callback: callback received for printer data. " + "fd = %d\n", fd)); + + while (1) { + char *name = NULL, *info = NULL; + size_t namelen = 0, infolen = 0; + ssize_t ret = -1; + + ret = sys_read(fd, &namelen, sizeof(namelen)); + if (ret == 0) { + /* EOF */ + break; + } + if (ret != sizeof(namelen)) { + DEBUG(10,("cups_async_callback: namelen read failed %d %s\n", + errno, strerror(errno))); + break; + } + + DEBUG(11,("cups_async_callback: read namelen %u\n", + (unsigned int)namelen)); + + ret = sys_read(fd, &infolen, sizeof(infolen)); + if (ret == 0) { + /* EOF */ + break; + } + if (ret != sizeof(infolen)) { + DEBUG(10,("cups_async_callback: infolen read failed %s\n", + strerror(errno))); + break; + } + + DEBUG(11,("cups_async_callback: read infolen %u\n", + (unsigned int)infolen)); + + if (namelen) { + name = TALLOC_ARRAY(frame, char, namelen); + if (!name) { + break; + } + ret = sys_read(fd, name, namelen); + if (ret == 0) { + /* EOF */ + break; + } + if (ret != namelen) { + DEBUG(10,("cups_async_callback: name read failed %s\n", + strerror(errno))); + break; + } + DEBUG(11,("cups_async_callback: read name %s\n", + name)); + } else { + name = NULL; + } + if (infolen) { + info = TALLOC_ARRAY(frame, char, infolen); + if (!info) { + break; + } + ret = sys_read(fd, info, infolen); + if (ret == 0) { + /* EOF */ + break; + } + if (ret != infolen) { + DEBUG(10,("cups_async_callback: info read failed %s\n", + strerror(errno))); + break; + } + DEBUG(11,("cups_async_callback: read info %s\n", + info)); + } else { + info = NULL; + } + + /* Add to our local pcap cache. */ + pcap_cache_add_specific(&tmp_pcap_cache, name, info); + TALLOC_FREE(name); + TALLOC_FREE(info); + } + + TALLOC_FREE(frame); + if (tmp_pcap_cache) { + /* We got a namelist, replace our local cache. */ + pcap_cache_destroy_specific(&local_pcap_copy); + local_pcap_copy = tmp_pcap_cache; + + /* And the systemwide pcap cache. */ + pcap_cache_replace(local_pcap_copy); + } else { + DEBUG(2,("cups_async_callback: failed to read a new " + "printer list\n")); + } + close(fd); + TALLOC_FREE(p); + TALLOC_FREE(cache_fd_event); +} + +bool cups_cache_reload(void) +{ + int *p_pipe_fd = TALLOC_P(NULL, int); + + if (!p_pipe_fd) { + return false; + } + + *p_pipe_fd = -1; + + /* Set up an async refresh. */ + if (!cups_pcap_load_async(p_pipe_fd)) { + return false; + } + if (!local_pcap_copy) { + /* We have no local cache, wait directly for + * async refresh to complete. + */ + DEBUG(10,("cups_cache_reload: sync read on fd %d\n", + *p_pipe_fd )); + + cups_async_callback(smbd_event_context(), + NULL, + EVENT_FD_READ, + (void *)p_pipe_fd); + if (!local_pcap_copy) { + return false; + } + } else { + /* Replace the system cache with our + * local copy. */ + pcap_cache_replace(local_pcap_copy); + + DEBUG(10,("cups_cache_reload: async read on fd %d\n", + *p_pipe_fd )); + + /* Trigger an event when the pipe can be read. */ + cache_fd_event = event_add_fd(smbd_event_context(), + NULL, *p_pipe_fd, + EVENT_FD_READ, + cups_async_callback, + (void *)p_pipe_fd); + if (!cache_fd_event) { + close(*p_pipe_fd); + TALLOC_FREE(p_pipe_fd); + return false; + } + } + return true; +} /* * 'cups_job_delete()' - Delete a job. @@ -287,13 +602,15 @@ bool cups_cache_reload(void) static int cups_job_delete(const char *sharename, const char *lprm_command, struct printjob *pjob) { + TALLOC_CTX *frame = talloc_stackframe(); int ret = 1; /* Return value */ http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ cups_lang_t *language = NULL; /* Default language */ + char *user = NULL; char uri[HTTP_MAX_URI]; /* printer-uri attribute */ - + size_t size; DEBUG(5,("cups_job_delete(%s, %p (%d))\n", sharename, pjob, pjob->sysjob)); @@ -307,7 +624,7 @@ static int cups_job_delete(const char *sharename, const char *lprm_command, stru * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -329,7 +646,7 @@ static int cups_job_delete(const char *sharename, const char *lprm_command, stru language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -338,8 +655,12 @@ static int cups_job_delete(const char *sharename, const char *lprm_command, stru ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "job-uri", NULL, uri); + if (!push_utf8_talloc(frame, &user, pjob->user, &size)) { + goto out; + } + ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", - NULL, pjob->user); + NULL, user); /* * Do the request and get back a response... @@ -367,6 +688,7 @@ static int cups_job_delete(const char *sharename, const char *lprm_command, stru if (http) httpClose(http); + TALLOC_FREE(frame); return ret; } @@ -377,13 +699,15 @@ static int cups_job_delete(const char *sharename, const char *lprm_command, stru static int cups_job_pause(int snum, struct printjob *pjob) { + TALLOC_CTX *frame = talloc_stackframe(); int ret = 1; /* Return value */ http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ cups_lang_t *language = NULL; /* Default language */ + char *user = NULL; char uri[HTTP_MAX_URI]; /* printer-uri attribute */ - + size_t size; DEBUG(5,("cups_job_pause(%d, %p (%d))\n", snum, pjob, pjob->sysjob)); @@ -397,7 +721,7 @@ static int cups_job_pause(int snum, struct printjob *pjob) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -419,7 +743,7 @@ static int cups_job_pause(int snum, struct printjob *pjob) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -428,8 +752,11 @@ static int cups_job_pause(int snum, struct printjob *pjob) ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "job-uri", NULL, uri); + if (!push_utf8_talloc(frame, &user, pjob->user, &size)) { + goto out; + } ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", - NULL, pjob->user); + NULL, user); /* * Do the request and get back a response... @@ -457,6 +784,7 @@ static int cups_job_pause(int snum, struct printjob *pjob) if (http) httpClose(http); + TALLOC_FREE(frame); return ret; } @@ -467,13 +795,15 @@ static int cups_job_pause(int snum, struct printjob *pjob) static int cups_job_resume(int snum, struct printjob *pjob) { + TALLOC_CTX *frame = talloc_stackframe(); int ret = 1; /* Return value */ http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ cups_lang_t *language = NULL; /* Default language */ + char *user = NULL; char uri[HTTP_MAX_URI]; /* printer-uri attribute */ - + size_t size; DEBUG(5,("cups_job_resume(%d, %p (%d))\n", snum, pjob, pjob->sysjob)); @@ -487,7 +817,7 @@ static int cups_job_resume(int snum, struct printjob *pjob) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -509,7 +839,7 @@ static int cups_job_resume(int snum, struct printjob *pjob) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -518,8 +848,11 @@ static int cups_job_resume(int snum, struct printjob *pjob) ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "job-uri", NULL, uri); + if (!push_utf8_talloc(frame, &user, pjob->user, &size)) { + goto out; + } ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", - NULL, pjob->user); + NULL, user); /* * Do the request and get back a response... @@ -547,6 +880,7 @@ static int cups_job_resume(int snum, struct printjob *pjob) if (http) httpClose(http); + TALLOC_FREE(frame); return ret; } @@ -557,6 +891,7 @@ static int cups_job_resume(int snum, struct printjob *pjob) static int cups_job_submit(int snum, struct printjob *pjob) { + TALLOC_CTX *frame = talloc_stackframe(); int ret = 1; /* Return value */ http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ @@ -567,6 +902,12 @@ static int cups_job_submit(int snum, struct printjob *pjob) char *new_jobname = NULL; int num_options = 0; cups_option_t *options = NULL; + char *printername = NULL; + char *user = NULL; + char *jobname = NULL; + char *cupsoptions = NULL; + char *filename = NULL; + size_t size; char addr[INET6_ADDRSTRLEN]; DEBUG(5,("cups_job_submit(%d, %p (%d))\n", snum, pjob, pjob->sysjob)); @@ -581,7 +922,7 @@ static int cups_job_submit(int snum, struct printjob *pjob) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -604,19 +945,25 @@ static int cups_job_submit(int snum, struct printjob *pjob) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); + if (!push_utf8_talloc(frame, &printername, PRINTERNAME(snum), &size)) { + goto out; + } slprintf(uri, sizeof(uri) - 1, "ipp://localhost/printers/%s", - PRINTERNAME(snum)); + printername); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", NULL, uri); + if (!push_utf8_talloc(frame, &user, pjob->user, &size)) { + goto out; + } ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", - NULL, pjob->user); + NULL, user); clientname = client_name(get_client_fd()); if (strcmp(clientname, "UNKNOWN") == 0) { @@ -627,31 +974,43 @@ static int cups_job_submit(int snum, struct printjob *pjob) "job-originating-host-name", NULL, clientname); - if (asprintf(&new_jobname,"%s%.8u %s", PRINT_SPOOL_PREFIX, - (unsigned int)pjob->smbjob, pjob->jobname) < 0) { + if (!push_utf8_talloc(frame, &jobname, pjob->jobname, &size)) { + goto out; + } + new_jobname = talloc_asprintf(frame, + "%s%.8u %s", PRINT_SPOOL_PREFIX, + (unsigned int)pjob->smbjob, + jobname); + if (new_jobname == NULL) { goto out; } ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "job-name", NULL, new_jobname); - /* - * add any options defined in smb.conf + /* + * add any options defined in smb.conf */ + if (!push_utf8_talloc(frame, &cupsoptions, lp_cups_options(snum), &size)) { + goto out; + } num_options = 0; options = NULL; - num_options = cupsParseOptions(lp_cups_options(snum), num_options, &options); + num_options = cupsParseOptions(cupsoptions, num_options, &options); if ( num_options ) - cupsEncodeOptions(request, num_options, options); + cupsEncodeOptions(request, num_options, options); /* * Do the request and get back a response... */ - slprintf(uri, sizeof(uri) - 1, "/printers/%s", PRINTERNAME(snum)); + slprintf(uri, sizeof(uri) - 1, "/printers/%s", printername); + if (!push_utf8_talloc(frame, &filename, pjob->filename, &size)) { + goto out; + } if ((response = cupsDoFileRequest(http, request, uri, pjob->filename)) != NULL) { if (response->request.status.status_code >= IPP_OK_CONFLICT) { DEBUG(0,("Unable to print file to %s - %s\n", PRINTERNAME(snum), @@ -678,7 +1037,7 @@ static int cups_job_submit(int snum, struct printjob *pjob) if (http) httpClose(http); - SAFE_FREE(new_jobname); + TALLOC_FREE(frame); return ret; } @@ -690,10 +1049,11 @@ static int cups_job_submit(int snum, struct printjob *pjob) static int cups_queue_get(const char *sharename, enum printing_types printing_type, char *lpq_command, - print_queue_struct **q, + print_queue_struct **q, print_status_struct *status) { - fstring printername; + TALLOC_CTX *frame = talloc_stackframe(); + char *printername = NULL; http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ @@ -704,13 +1064,14 @@ static int cups_queue_get(const char *sharename, qalloc = 0; /* Number of queue entries allocated */ print_queue_struct *queue = NULL, /* Queue entries */ *temp; /* Temporary pointer for queue */ - const char *user_name, /* job-originating-user-name attribute */ - *job_name; /* job-name attribute */ + char *user_name = NULL, /* job-originating-user-name attribute */ + *job_name = NULL; /* job-name attribute */ int job_id; /* job-id attribute */ int job_k_octets; /* job-k-octets attribute */ time_t job_time; /* time-at-creation attribute */ ipp_jstate_t job_status; /* job-status attribute */ int job_priority; /* job-priority attribute */ + size_t size; static const char *jattrs[] = /* Requested job attributes */ { "job-id", @@ -729,15 +1090,16 @@ static int cups_queue_get(const char *sharename, *q = NULL; - /* HACK ALERT!!! The problem with support the 'printer name' - option is that we key the tdb off the sharename. So we will - overload the lpq_command string to pass in the printername - (which is basically what we do for non-cups printers ... using + /* HACK ALERT!!! The problem with support the 'printer name' + option is that we key the tdb off the sharename. So we will + overload the lpq_command string to pass in the printername + (which is basically what we do for non-cups printers ... using the lpq_command to get the queue listing). */ - fstrcpy( printername, lpq_command ); - - DEBUG(5,("cups_queue_get(%s, %p, %p)\n", printername, q, status)); + if (!push_utf8_talloc(frame, &printername, lpq_command, &size)) { + goto out; + } + DEBUG(5,("cups_queue_get(%s, %p, %p)\n", lpq_command, q, status)); /* * Make sure we don't ask for passwords... @@ -749,7 +1111,7 @@ static int cups_queue_get(const char *sharename, * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -777,7 +1139,7 @@ static int cups_queue_get(const char *sharename, language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -882,12 +1244,24 @@ static int cups_queue_get(const char *sharename, job_time = attr->values[0].integer; if (strcmp(attr->name, "job-name") == 0 && - attr->value_tag == IPP_TAG_NAME) - job_name = attr->values[0].string.text; + attr->value_tag == IPP_TAG_NAME) { + if (!pull_utf8_talloc(frame, + &job_name, + attr->values[0].string.text, + &size)) { + goto out; + } + } if (strcmp(attr->name, "job-originating-user-name") == 0 && - attr->value_tag == IPP_TAG_NAME) - user_name = attr->values[0].string.text; + attr->value_tag == IPP_TAG_NAME) { + if (!pull_utf8_talloc(frame, + &user_name, + attr->values[0].string.text, + &size)) { + goto out; + } + } attr = attr->next; } @@ -911,8 +1285,8 @@ static int cups_queue_get(const char *sharename, LPQ_PRINTING; temp->priority = job_priority; temp->time = job_time; - strncpy(temp->fs_user, user_name, sizeof(temp->fs_user) - 1); - strncpy(temp->fs_file, job_name, sizeof(temp->fs_file) - 1); + strlcpy(temp->fs_user, user_name, sizeof(temp->fs_user)); + strlcpy(temp->fs_file, job_name, sizeof(temp->fs_file)); qcount ++; @@ -939,7 +1313,7 @@ static int cups_queue_get(const char *sharename, request->request.op.request_id = 1; ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); @@ -982,8 +1356,15 @@ static int cups_queue_get(const char *sharename, } if ((attr = ippFindAttribute(response, "printer-state-message", - IPP_TAG_TEXT)) != NULL) - fstrcpy(status->message, attr->values[0].string.text); + IPP_TAG_TEXT)) != NULL) { + char *msg = NULL; + if (!pull_utf8_talloc(frame, &msg, + attr->values[0].string.text, + &size)) { + goto out; + } + fstrcpy(status->message, msg); + } /* * Return the job queue... @@ -1001,6 +1382,7 @@ static int cups_queue_get(const char *sharename, if (http) httpClose(http); + TALLOC_FREE(frame); return qcount; } @@ -1011,13 +1393,16 @@ static int cups_queue_get(const char *sharename, static int cups_queue_pause(int snum) { + TALLOC_CTX *frame = talloc_stackframe(); int ret = 1; /* Return value */ http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ cups_lang_t *language = NULL; /* Default language */ + char *printername = NULL; + char *username = NULL; char uri[HTTP_MAX_URI]; /* printer-uri attribute */ - + size_t size; DEBUG(5,("cups_queue_pause(%d)\n", snum)); @@ -1031,7 +1416,7 @@ static int cups_queue_pause(int snum) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -1053,18 +1438,24 @@ static int cups_queue_pause(int snum) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); + if (!push_utf8_talloc(frame, &printername, PRINTERNAME(snum), &size)) { + goto out; + } slprintf(uri, sizeof(uri) - 1, "ipp://localhost/printers/%s", - PRINTERNAME(snum)); + printername); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", NULL, uri); + if (!push_utf8_talloc(frame, &username, current_user_info.unix_name, &size)) { + goto out; + } ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", - NULL, current_user_info.unix_name); + NULL, username); /* * Do the request and get back a response... @@ -1092,6 +1483,7 @@ static int cups_queue_pause(int snum) if (http) httpClose(http); + TALLOC_FREE(frame); return ret; } @@ -1102,13 +1494,16 @@ static int cups_queue_pause(int snum) static int cups_queue_resume(int snum) { + TALLOC_CTX *frame = talloc_stackframe(); int ret = 1; /* Return value */ http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ cups_lang_t *language = NULL; /* Default language */ + char *printername = NULL; + char *username = NULL; char uri[HTTP_MAX_URI]; /* printer-uri attribute */ - + size_t size; DEBUG(5,("cups_queue_resume(%d)\n", snum)); @@ -1122,7 +1517,7 @@ static int cups_queue_resume(int snum) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -1144,18 +1539,24 @@ static int cups_queue_resume(int snum) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); + if (!push_utf8_talloc(frame, &printername, PRINTERNAME(snum), &size)) { + goto out; + } slprintf(uri, sizeof(uri) - 1, "ipp://localhost/printers/%s", - PRINTERNAME(snum)); + printername); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", NULL, uri); + if (!push_utf8_talloc(frame, &username, current_user_info.unix_name, &size)) { + goto out; + } ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_NAME, "requesting-user-name", - NULL, current_user_info.unix_name); + NULL, username); /* * Do the request and get back a response... @@ -1183,6 +1584,7 @@ static int cups_queue_resume(int snum) if (http) httpClose(http); + TALLOC_FREE(frame); return ret; } @@ -1204,15 +1606,16 @@ struct printif cups_printif = bool cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) { + TALLOC_CTX *frame = talloc_stackframe(); http_t *http = NULL; /* HTTP connection to server */ ipp_t *request = NULL, /* IPP Request */ *response = NULL; /* IPP Response */ ipp_attribute_t *attr; /* Current attribute */ cups_lang_t *language = NULL; /* Default language */ - char *name, /* printer-name attribute */ - *info, /* printer-info attribute */ - *location; /* printer-location attribute */ char uri[HTTP_MAX_URI]; + char *server = NULL; + char *sharename = NULL; + char *name = NULL; static const char *requested[] =/* Requested attributes */ { "printer-name", @@ -1220,6 +1623,7 @@ bool cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) "printer-location" }; bool ret = False; + size_t size; DEBUG(5, ("pulling %s location\n", printer->sharename)); @@ -1233,7 +1637,7 @@ bool cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) * Try to connect to the server... */ - if ((http = cups_connect()) == NULL) { + if ((http = cups_connect(frame)) == NULL) { goto out; } @@ -1245,13 +1649,26 @@ bool cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) language = cupsLangDefault(); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_CHARSET, - "attributes-charset", NULL, cupsLangEncoding(language)); + "attributes-charset", NULL, "utf-8"); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_LANGUAGE, "attributes-natural-language", NULL, language->language); + if (lp_cups_server() != NULL && strlen(lp_cups_server()) > 0) { + if (!push_utf8_talloc(frame, &server, lp_cups_server(), &size)) { + goto out; + } + } else { + server = talloc_strdup(frame,cupsServer()); + } + if (server) { + goto out; + } + if (!push_utf8_talloc(frame, &sharename, printer->sharename, &size)) { + goto out; + } slprintf(uri, sizeof(uri) - 1, "ipp://%s/printers/%s", - lp_cups_server(), printer->sharename); + server, sharename); ippAddString(request, IPP_TAG_OPERATION, IPP_TAG_URI, "printer-uri", NULL, uri); @@ -1286,43 +1703,64 @@ bool cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) * Pull the needed attributes from this printer... */ - name = NULL; - info = NULL; - location = NULL; - while ( attr && (attr->group_tag == IPP_TAG_PRINTER) ) { + if (strcmp(attr->name, "printer-name") == 0 && + attr->value_tag == IPP_TAG_NAME) { + if (!pull_utf8_talloc(frame, + &name, + attr->values[0].string.text, + &size)) { + goto out; + } + } + /* Grab the comment if we don't have one */ if ( (strcmp(attr->name, "printer-info") == 0) && (attr->value_tag == IPP_TAG_TEXT) - && !strlen(printer->comment) ) + && !strlen(printer->comment) ) { + char *comment = NULL; + if (!pull_utf8_talloc(frame, + &comment, + attr->values[0].string.text, + &size)) { + goto out; + } DEBUG(5,("cups_pull_comment_location: Using cups comment: %s\n", - attr->values[0].string.text)); + comment)); strlcpy(printer->comment, - attr->values[0].string.text, - sizeof(printer->comment)); + comment, + sizeof(printer->comment)); } - /* Grab the location if we don't have one */ + /* Grab the location if we don't have one */ if ( (strcmp(attr->name, "printer-location") == 0) - && (attr->value_tag == IPP_TAG_TEXT) + && (attr->value_tag == IPP_TAG_TEXT) && !strlen(printer->location) ) { + char *location = NULL; + if (!pull_utf8_talloc(frame, + &location, + attr->values[0].string.text, + &size)) { + goto out; + } DEBUG(5,("cups_pull_comment_location: Using cups location: %s\n", - attr->values[0].string.text)); - fstrcpy(printer->location,attr->values[0].string.text); + location)); + strlcpy(printer->location, + location, + sizeof(printer->location)); } attr = attr->next; } /* - * See if we have everything needed... + * We have everything needed... */ - if (name == NULL) + if (name != NULL) break; - } ret = True; @@ -1337,6 +1775,7 @@ bool cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) if (http) httpClose(http); + TALLOC_FREE(frame); return ret; } diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c index c68ecdedeb..d06410a1b3 100644 --- a/source3/registry/reg_dispatcher.c +++ b/source3/registry/reg_dispatcher.c @@ -37,7 +37,6 @@ static const struct generic_mapping reg_generic_map = static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd) { SEC_ACE ace[3]; - SEC_ACCESS mask; size_t i = 0; SEC_DESC *sd; SEC_ACL *acl; @@ -45,21 +44,18 @@ static WERROR construct_registry_sd(TALLOC_CTX *ctx, SEC_DESC **psd) /* basic access for Everyone */ - init_sec_access(&mask, REG_KEY_READ); init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, - mask, 0); + REG_KEY_READ, 0); /* Full Access 'BUILTIN\Administrators' */ - init_sec_access(&mask, REG_KEY_ALL); init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, - SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + SEC_ACE_TYPE_ACCESS_ALLOWED, REG_KEY_ALL, 0); /* Full Access 'NT Authority\System' */ - init_sec_access(&mask, REG_KEY_ALL ); init_sec_ace(&ace[i++], &global_sid_System, SEC_ACE_TYPE_ACCESS_ALLOWED, - mask, 0); + REG_KEY_ALL, 0); /* create the security descriptor */ diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index df87ed13d1..23618efd9f 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -538,3 +538,94 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, return result; } + +/********************************************************* + Change the domain password on the PDC. + + Just changes the password betwen the two values specified. + + Caller must have the cli connected to the netlogon pipe + already. +**********************************************************/ + +NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const unsigned char orig_trust_passwd_hash[16], + const char *new_trust_pwd_cleartext, + const unsigned char new_trust_passwd_hash[16], + uint32_t sec_channel_type) +{ + NTSTATUS result; + uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; + struct netr_Authenticator clnt_creds, srv_cred; + + result = rpccli_netlogon_setup_creds(cli, + cli->desthost, /* server name */ + lp_workgroup(), /* domain */ + global_myname(), /* client name */ + global_myname(), /* machine account name */ + orig_trust_passwd_hash, + sec_channel_type, + &neg_flags); + + if (!NT_STATUS_IS_OK(result)) { + DEBUG(3,("rpccli_netlogon_set_trust_password: unable to setup creds (%s)!\n", + nt_errstr(result))); + return result; + } + + netlogon_creds_client_step(cli->dc, &clnt_creds); + + if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) { + + struct netr_CryptPassword new_password; + + init_netr_CryptPassword(new_trust_pwd_cleartext, + cli->dc->sess_key, + &new_password); + + result = rpccli_netr_ServerPasswordSet2(cli, mem_ctx, + cli->dc->remote_machine, + cli->dc->mach_acct, + sec_channel_type, + global_myname(), + &clnt_creds, + &srv_cred, + &new_password); + if (!NT_STATUS_IS_OK(result)) { + DEBUG(0,("rpccli_netr_ServerPasswordSet2 failed: %s\n", + nt_errstr(result))); + return result; + } + } else { + + struct samr_Password new_password; + + cred_hash3(new_password.hash, + new_trust_passwd_hash, + cli->dc->sess_key, 1); + + result = rpccli_netr_ServerPasswordSet(cli, mem_ctx, + cli->dc->remote_machine, + cli->dc->mach_acct, + sec_channel_type, + global_myname(), + &clnt_creds, + &srv_cred, + &new_password); + if (!NT_STATUS_IS_OK(result)) { + DEBUG(0,("rpccli_netr_ServerPasswordSet failed: %s\n", + nt_errstr(result))); + return result; + } + } + + /* Always check returned credentials. */ + if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { + DEBUG(0,("credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + + return result; +} + diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c index 61841953fc..e4c39e739e 100644 --- a/source3/rpc_client/init_netlogon.c +++ b/source3/rpc_client/init_netlogon.c @@ -391,3 +391,20 @@ void init_netr_PasswordInfo(struct netr_PasswordInfo *r, r->lmpassword = lmpassword; r->ntpassword = ntpassword; } + +/************************************************************************* + inits a netr_CryptPassword structure + *************************************************************************/ + +void init_netr_CryptPassword(const char *pwd, + unsigned char session_key[16], + struct netr_CryptPassword *pwd_buf) +{ + struct samr_CryptPassword password_buf; + + encode_pw_buffer(password_buf.data, pwd, STR_UNICODE); + + SamOEMhash(password_buf.data, session_key, 516); + memcpy(pwd_buf->data, password_buf.data, 512); + pwd_buf->length = IVAL(password_buf.data, 512); +} diff --git a/source3/rpc_client/ndr.c b/source3/rpc_client/ndr.c index 72a33137a6..5565ae3dc3 100644 --- a/source3/rpc_client/ndr.c +++ b/source3/rpc_client/ndr.c @@ -77,7 +77,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli, prs_mem_free( &r_ps ); - pull = ndr_pull_init_blob(&blob, mem_ctx); + pull = ndr_pull_init_blob(&blob, mem_ctx, NULL); if (pull == NULL) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 94517f3478..0e9d121242 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -290,22 +290,18 @@ static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s DOM_SID adm_sid; SEC_ACE ace[3]; - SEC_ACCESS mask; SEC_ACL *psa = NULL; - init_sec_access(&mask, LSA_POLICY_EXECUTE); - init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, LSA_POLICY_EXECUTE, 0); sid_copy(&adm_sid, get_global_sam_sid()); sid_append_rid(&adm_sid, DOMAIN_GROUP_RID_ADMINS); - init_sec_access(&mask, LSA_POLICY_ALL_ACCESS); - init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, LSA_POLICY_ALL_ACCESS, 0); sid_copy(&local_adm_sid, &global_sid_Builtin); sid_append_rid(&local_adm_sid, BUILTIN_ALIAS_RID_ADMINS); - init_sec_access(&mask, LSA_POLICY_ALL_ACCESS); - init_sec_ace(&ace[2], &local_adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[2], &local_adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, LSA_POLICY_ALL_ACCESS, 0); if((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 3, ace)) == NULL) return NT_STATUS_NO_MEMORY; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 1b1e98c049..6455f02374 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -113,36 +113,35 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd { DOM_SID domadmin_sid; SEC_ACE ace[5]; /* at most 5 entries */ - SEC_ACCESS mask; size_t i = 0; SEC_ACL *psa = NULL; /* basic access for Everyone */ - init_sec_access(&mask, map->generic_execute | map->generic_read ); - init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, + map->generic_execute | map->generic_read, 0); /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */ - init_sec_access(&mask, map->generic_all); - - init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, + SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, + SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); /* Add Full Access for Domain Admins if we are a DC */ if ( IS_DC ) { sid_copy( &domadmin_sid, get_global_sam_sid() ); sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS ); - init_sec_ace(&ace[i++], &domadmin_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &domadmin_sid, + SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); } /* if we have a sid, give it some special access */ if ( sid ) { - init_sec_access( &mask, sid_access ); - init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sid_access, 0); } /* create the security descriptor */ diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index bb9c3687fb..47688b114c 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1700,7 +1700,9 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p, DEBUG(5,("_srvsvc_NetShareAdd: %d\n", __LINE__)); - *r->out.parm_error = 0; + if (r->out.parm_error) { + *r->out.parm_error = 0; + } get_current_user(&user,p); @@ -2148,6 +2150,8 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, connection_struct *conn = NULL; int snum; char *oldcwd = NULL; + struct security_descriptor *psd = NULL; + uint32_t security_info_sent = 0; ZERO_STRUCT(st); @@ -2196,9 +2200,29 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, goto error_exit; } + psd = r->in.sd_buf->sd; + security_info_sent = r->in.securityinformation; + + if (psd->owner_sid==0) { + security_info_sent &= ~OWNER_SECURITY_INFORMATION; + } + if (psd->group_sid==0) { + security_info_sent &= ~GROUP_SECURITY_INFORMATION; + } + if (psd->sacl==0) { + security_info_sent &= ~SACL_SECURITY_INFORMATION; + } + if (psd->dacl==0) { + security_info_sent &= ~DACL_SECURITY_INFORMATION; + } + + /* Convert all the generic bits. */ + security_acl_map_generic(psd->dacl, &file_generic_mapping); + security_acl_map_generic(psd->sacl, &file_generic_mapping); + nt_status = SMB_VFS_FSET_NT_ACL(fsp, - r->in.securityinformation, - r->in.sd_buf->sd); + security_info_sent, + psd); if (!NT_STATUS_IS_OK(nt_status) ) { DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL " diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index 6bb538a311..a57d0ff4a4 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -140,7 +140,6 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) { SEC_ACE ace[2]; - SEC_ACCESS mask; size_t i = 0; SEC_DESC *sd; SEC_ACL *acl; @@ -148,13 +147,13 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) /* basic access for Everyone */ - init_sec_access(&mask, SC_MANAGER_READ_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_World, + SEC_ACE_TYPE_ACCESS_ALLOWED, SC_MANAGER_READ_ACCESS, 0); /* Full Access 'BUILTIN\Administrators' */ - init_sec_access(&mask,SC_MANAGER_ALL_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, + SEC_ACE_TYPE_ACCESS_ALLOWED, SC_MANAGER_ALL_ACCESS, 0); /* create the security descriptor */ diff --git a/source3/samba4.m4 b/source3/samba4.m4 index c02d3d4b3b..81f1809210 100644 --- a/source3/samba4.m4 +++ b/source3/samba4.m4 @@ -35,7 +35,7 @@ SMB_EXT_LIB_FROM_PKGCONFIG(LIBTALLOC, talloc >= 1.2.0, ] ) -SMB_EXT_LIB_FROM_PKGCONFIG(LIBTDB, tdb >= 1.1.0, +SMB_EXT_LIB_FROM_PKGCONFIG(LIBTDB, tdb >= 1.1.3, [], [ m4_include(../lib/tdb/libtdb.m4) @@ -95,7 +95,6 @@ m4_include(ntvfs/unixuid/config.m4) m4_include(auth/config.m4) m4_include(kdc/config.m4) m4_include(ntvfs/sysdep/config.m4) -m4_include(lib/appweb/config.m4) m4_include(nsswitch/config.m4) dnl Samba 4 files diff --git a/source3/samba4.mk b/source3/samba4.mk index 294eef8b8f..524fc9f64c 100644 --- a/source3/samba4.mk +++ b/source3/samba4.mk @@ -7,7 +7,7 @@ PARTLINK = $(PROG_LD) -r MDLD = $(SHLD) MDLD_FLAGS = $(LDSHFLAGS) -samba4srcdir = $(call abspath,$(srcdir)/../source4) +samba4srcdir = $(srcdir)/../source4 # Flags used for the samba 4 files # $(srcdir)/include is required for config.h @@ -83,12 +83,11 @@ libcmdlinesrcdir := $(samba4srcdir)/lib/cmdline poptsrcdir := $(samba4srcdir)/../lib/popt socketwrappersrcdir := $(samba4srcdir)/../lib/socket_wrapper nsswrappersrcdir := $(samba4srcdir)/../lib/nss_wrapper -appwebsrcdir := $(samba4srcdir)/lib/appweb libstreamsrcdir := $(samba4srcdir)/lib/stream libutilsrcdir := $(samba4srcdir)/lib/util libtdrsrcdir := $(samba4srcdir)/lib/tdr libdbwrapsrcdir := $(samba4srcdir)/lib/dbwrap -libcryptosrcdir := $(samba4srcdir)/lib/crypto +libcryptosrcdir := $(samba4srcdir)/../lib/crypto libtorturesrcdir := $(samba4srcdir)/lib/torture libcompressionsrcdir := $(samba4srcdir)/../lib/compression libgencachesrcdir := $(samba4srcdir)/lib @@ -108,7 +107,7 @@ ntvfssrcdir := $(samba4srcdir)/ntvfs ntptrsrcdir := $(samba4srcdir)/ntptr clientsrcdir := $(samba4srcdir)/client libclisrcdir := $(samba4srcdir)/libcli -ejsscriptsrcdir := $(samba4srcdir)/scripting/ejs +libclinbtsrcdir := $(samba4srcdir)/../libcli/nbt pyscriptsrcdir := $(samba4srcdir)/scripting/python kdcsrcdir := $(samba4srcdir)/kdc smbreadlinesrcdir := $(samba4srcdir)/lib/smbreadline @@ -116,6 +115,7 @@ ntp_signdsrcdir := $(samba4srcdir)/ntp_signd tdbsrcdir := $(samba4srcdir)/../lib/tdb ldbsrcdir := $(samba4srcdir)/lib/ldb tallocsrcdir := $(samba4srcdir)/../lib/talloc +comsrcdir := $(samba4srcdir)/lib/com override ASN1C = bin/asn1_compile4 override ET_COMPILER = bin/compile_et4 include samba4-data.mk @@ -158,7 +158,7 @@ clean:: proto:: $(PROTO_HEADERS) modules:: $(PLUGINS) -all:: basics bin/smbd4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 +all:: basics bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 torture:: basics bin/smbtorture4 everything:: basics $(patsubst %,%4,$(BINARIES)) diff --git a/source3/script/build_idl.sh b/source3/script/build_idl.sh index 8ff5dcd949..2027fd3937 100755 --- a/source3/script/build_idl.sh +++ b/source3/script/build_idl.sh @@ -19,7 +19,7 @@ for f in ${IDL_FILES}; do basename=`basename $f .idl` ndr="librpc/gen_ndr/ndr_$basename.c" - if [ -f $ndr ] && false; then + if [ -f $ndr ]; then if [ "x`find librpc/idl/$f -newer $ndr -print`" = "xlibrpc/idl/$f" ]; then list="$list librpc/idl/$f" fi diff --git a/source3/script/tests/wb_pad.sh b/source3/script/tests/wb_pad.sh new file mode 100755 index 0000000000..f1f5ca24c4 --- /dev/null +++ b/source3/script/tests/wb_pad.sh @@ -0,0 +1,82 @@ +#!/bin/sh +# +# Copyright (C) Guenther Deschner 2008 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see <http://www.gnu.org/licenses/>. + +tempdir=`mktemp -d /tmp/wb_padXXXXXX` +test -n "$tempdir" || exit 1 +cat >> $tempdir/wb_pad.c << _EOF +#include "nsswitch/winbind_client.h" + +int main(int argc, const char **argv) +{ + struct winbindd_request req; + struct winbindd_response resp; + + if (argc != 2) { + printf("usage: %s [req|resp]\n", argv[0]); + return 0; + } + + if (strcmp(argv[1], "req") == 0) { + printf("%d\n", (uint32_t)sizeof(req)); + } + if (strcmp(argv[1], "resp") == 0) { + printf("%d\n", (uint32_t)sizeof(resp)); + } + + return 0; +} +_EOF + +cleanup() { + rm -f $tempdir/wb_pad_32 $tempdir/wb_pad_64 $tempdir/wb_pad.c + rmdir $tempdir +} + +cflags="-I. -I./../lib/replace -Iinclude" +${CC:-gcc} -m32 $RPM_OPT_FLAGS $CFLAGS -o $tempdir/wb_pad_32 $cflags $tempdir/wb_pad.c +if [ $? -ne 0 ]; then + cleanup + exit 1 +fi +${CC:-gcc} -m64 $RPM_OPT_FLAGS $CFLAGS -o $tempdir/wb_pad_64 $cflags $tempdir/wb_pad.c +if [ $? -ne 0 ]; then + cleanup + exit 1 +fi + +out_64_req=`$tempdir/wb_pad_64 req` +out_64_resp=`$tempdir/wb_pad_64 resp` +out_32_req=`$tempdir/wb_pad_32 req` +out_32_resp=`$tempdir/wb_pad_32 resp` + +cleanup + +if test "$out_64_req" != "$out_32_req"; then + echo "winbind request size differs!" + echo "64bit: $out_64_req" + echo "32bit: $out_32_req" + exit 1 +fi + +if test "$out_64_resp" != "$out_32_resp"; then + echo "winbind response size differs!" + echo "64bit: $out_64_resp" + echo "32bit: $out_32_resp" + exit 1 +fi + +exit 0 diff --git a/source3/services/services_db.c b/source3/services/services_db.c index 8f58c2dbfa..0f5264bcd8 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -89,7 +89,6 @@ struct service_display_info common_unix_svcs[] = { static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx ) { SEC_ACE ace[4]; - SEC_ACCESS mask; size_t i = 0; SEC_DESC *sd = NULL; SEC_ACL *acl = NULL; @@ -97,15 +96,16 @@ static SEC_DESC* construct_service_sd( TALLOC_CTX *ctx ) /* basic access for Everyone */ - init_sec_access(&mask, SERVICE_READ_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_World, + SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_READ_ACCESS, 0); - init_sec_access(&mask,SERVICE_EXECUTE_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users, + SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_EXECUTE_ACCESS, 0); - init_sec_access(&mask,SERVICE_ALL_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators, + SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, + SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0); /* create the security descriptor */ diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c index b9433bb965..7f34d2b8e2 100644 --- a/source3/smbd/conn.c +++ b/source3/smbd/conn.c @@ -252,8 +252,8 @@ void conn_free_internal(connection_struct *conn) /* Free vfs_connection_struct */ handle = conn->vfs_handles; while(handle) { - DLIST_REMOVE(conn->vfs_handles, handle); thandle = handle->next; + DLIST_REMOVE(conn->vfs_handles, handle); if (handle->free_data) handle->free_data(&handle->data); handle = thandle; diff --git a/source3/smbd/fake_file.c b/source3/smbd/fake_file.c index 8dd9abee1a..1761cb66a8 100644 --- a/source3/smbd/fake_file.c +++ b/source3/smbd/fake_file.c @@ -146,14 +146,6 @@ NTSTATUS open_fake_file(connection_struct *conn, return NT_STATUS_OK; } -void destroy_fake_file_handle(struct fake_file_handle **fh) -{ - if (!fh) { - return; - } - TALLOC_FREE(*fh); -} - NTSTATUS close_fake_file(files_struct *fsp) { file_free(fsp); diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 41a0b9296a..562f1e8d94 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -101,8 +101,7 @@ get any fatal errors that should immediately terminate the calling SMB processing whilst resolving. If the saved_last_component != 0, then the unmodified last component -of the pathname is returned there. This is used in an exceptional -case in reply_mv (so far). If saved_last_component == 0 then nothing +of the pathname is returned there. If saved_last_component == 0 then nothing is returned there. If last_component_wcard is true then a MS wildcard was detected and diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 17c473f028..519f4945f2 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -122,10 +122,12 @@ NTSTATUS file_new(connection_struct *conn, files_struct **result) chain_fsp = fsp; - /* A new fsp invalidates a negative fsp_fi_cache. */ - if (fsp_fi_cache.fsp == NULL) { - ZERO_STRUCT(fsp_fi_cache); - } + /* A new fsp invalidates the positive and + negative fsp_fi_cache as the new fsp is pushed + at the start of the list and we search from + a cache hit to the *end* of the list. */ + + ZERO_STRUCT(fsp_fi_cache); *result = fsp; return NT_STATUS_OK; @@ -326,8 +328,7 @@ files_struct *file_find_di_first(struct file_id id) fsp_fi_cache.id = id; for (fsp=Files;fsp;fsp=fsp->next) { - if ( fsp->fh->fd != -1 && - file_id_equal(&fsp->file_id, &id)) { + if (file_id_equal(&fsp->file_id, &id)) { /* Setup positive cache. */ fsp_fi_cache.fsp = fsp; return fsp; @@ -348,8 +349,7 @@ files_struct *file_find_di_next(files_struct *start_fsp) files_struct *fsp; for (fsp = start_fsp->next;fsp;fsp=fsp->next) { - if ( fsp->fh->fd != -1 && - file_id_equal(&fsp->file_id, &start_fsp->file_id)) { + if (file_id_equal(&fsp->file_id, &start_fsp->file_id)) { return fsp; } } @@ -400,9 +400,7 @@ void file_free(files_struct *fsp) string_free(&fsp->fsp_name); - if (fsp->fake_file_handle) { - destroy_fake_file_handle(&fsp->fake_file_handle); - } + TALLOC_FREE(fsp->fake_file_handle); if (fsp->fh->ref_count == 1) { SAFE_FREE(fsp->fh); diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index f4c45999ba..0f2caad86f 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -318,7 +318,7 @@ static void api_fd_reply(connection_struct *conn, uint16 vuid, /* Get the file handle and hence the file name. */ /* * NB. The setup array has already been transformed - * via SVAL and so is in gost byte order. + * via SVAL and so is in host byte order. */ pnum = ((int)setup[1]) & 0xFFFF; subcommand = ((int)setup[0]) & 0xFFFF; diff --git a/source3/smbd/notify_internal.c b/source3/smbd/notify_internal.c index 84b8e1098e..06da717799 100644 --- a/source3/smbd/notify_internal.c +++ b/source3/smbd/notify_internal.c @@ -166,7 +166,7 @@ static NTSTATUS notify_load(struct notify_context *notify, struct db_record *rec status = NT_STATUS_OK; if (blob.length > 0) { enum ndr_err_code ndr_err; - ndr_err = ndr_pull_struct_blob(&blob, notify->array, notify->array, + ndr_err = ndr_pull_struct_blob(&blob, notify->array, NULL, notify->array, (ndr_pull_flags_fn_t)ndr_pull_notify_array); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); @@ -220,7 +220,7 @@ static NTSTATUS notify_save(struct notify_context *notify, struct db_record *rec tmp_ctx = talloc_new(notify); NT_STATUS_HAVE_NO_MEMORY(tmp_ctx); - ndr_err = ndr_push_struct_blob(&blob, tmp_ctx, notify->array, + ndr_err = ndr_push_struct_blob(&blob, tmp_ctx, NULL, notify->array, (ndr_push_flags_fn_t)ndr_push_notify_array); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(tmp_ctx); @@ -258,7 +258,7 @@ static void notify_handler(struct messaging_context *msg_ctx, void *private_data return; } - ndr_err = ndr_pull_struct_blob(data, tmp_ctx, &ev, + ndr_err = ndr_pull_struct_blob(data, tmp_ctx, NULL, &ev, (ndr_pull_flags_fn_t)ndr_pull_notify_event); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(tmp_ctx); @@ -561,7 +561,7 @@ static NTSTATUS notify_send(struct notify_context *notify, struct notify_entry * tmp_ctx = talloc_new(notify); - ndr_err = ndr_push_struct_blob(&data, tmp_ctx, &ev, + ndr_err = ndr_push_struct_blob(&data, tmp_ctx, NULL, &ev, (ndr_push_flags_fn_t)ndr_push_notify_event); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(tmp_ctx); diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 584399c86c..061855876c 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -713,6 +713,7 @@ static void do_nt_transact_create_pipe(connection_struct *conn, static NTSTATUS set_sd(files_struct *fsp, uint8 *data, uint32 sd_len, uint32 security_info_sent) { + extern const struct generic_mapping file_generic_mapping; SEC_DESC *psd = NULL; NTSTATUS status; @@ -739,6 +740,10 @@ static NTSTATUS set_sd(files_struct *fsp, uint8 *data, uint32 sd_len, security_info_sent &= ~DACL_SECURITY_INFORMATION; } + /* Convert all the generic bits. */ + security_acl_map_generic(psd->dacl, &file_generic_mapping); + security_acl_map_generic(psd->sacl, &file_generic_mapping); + status = SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd); TALLOC_FREE(psd); diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 71191475b3..8727e80d5f 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2608,9 +2608,7 @@ NTSTATUS create_file_unixpath(connection_struct *conn, && (create_disposition != FILE_CREATE) && (share_access & FILE_SHARE_DELETE) && (access_mask & DELETE_ACCESS) - && (((dos_mode(conn, fname, &sbuf) & FILE_ATTRIBUTE_READONLY) - && !lp_delete_readonly(SNUM(conn))) - || !can_delete_file_in_directory(conn, fname))) { + && (!can_delete_file_in_directory(conn, fname))) { status = NT_STATUS_ACCESS_DENIED; goto fail; } @@ -2766,6 +2764,10 @@ NTSTATUS create_file_unixpath(connection_struct *conn, fsp->access_mask = FILE_GENERIC_ALL; + /* Convert all the generic bits. */ + security_acl_map_generic(sd->dacl, &file_generic_mapping); + security_acl_map_generic(sd->sacl, &file_generic_mapping); + status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd); fsp->access_mask = saved_access_mask; diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 7479aea076..4e35e9deaa 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -890,13 +890,12 @@ static bool nt4_compatible_acls(void) not get. Deny entries are implicit on get with ace->perms = 0. ****************************************************************************/ -static SEC_ACCESS map_canon_ace_perms(int snum, +static uint32_t map_canon_ace_perms(int snum, enum security_ace_type *pacl_type, mode_t perms, bool directory_ace) { - SEC_ACCESS sa; - uint32 nt_mask = 0; + uint32_t nt_mask = 0; *pacl_type = SEC_ACE_TYPE_ACCESS_ALLOWED; @@ -935,8 +934,7 @@ static SEC_ACCESS map_canon_ace_perms(int snum, DEBUG(10,("map_canon_ace_perms: Mapped (UNIX) %x to (NT) %x\n", (unsigned int)perms, (unsigned int)nt_mask )); - init_sec_access(&sa,nt_mask); - return sa; + return nt_mask; } /**************************************************************************** @@ -988,7 +986,7 @@ static mode_t map_nt_perms( uint32 *mask, int type) Unpack a SEC_DESC into a UNIX owner and group. ****************************************************************************/ -NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd) +NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd) { DOM_SID owner_sid; DOM_SID grp_sid; @@ -1329,11 +1327,13 @@ static void check_owning_objs(canon_ace *ace, DOM_SID *pfile_owner_sid, DOM_SID Unpack a SEC_DESC into two canonical ace lists. ****************************************************************************/ -static bool create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst, - DOM_SID *pfile_owner_sid, - DOM_SID *pfile_grp_sid, - canon_ace **ppfile_ace, canon_ace **ppdir_ace, - SEC_ACL *dacl) +static bool create_canon_ace_lists(files_struct *fsp, + SMB_STRUCT_STAT *pst, + DOM_SID *pfile_owner_sid, + DOM_SID *pfile_grp_sid, + canon_ace **ppfile_ace, + canon_ace **ppdir_ace, + const SEC_ACL *dacl) { bool all_aces_are_inherit_only = (fsp->is_directory ? True : False); canon_ace *file_ace = NULL; @@ -2016,12 +2016,14 @@ static mode_t create_default_mode(files_struct *fsp, bool interitable_mode) succeeding. ****************************************************************************/ -static bool unpack_canon_ace(files_struct *fsp, - SMB_STRUCT_STAT *pst, - DOM_SID *pfile_owner_sid, - DOM_SID *pfile_grp_sid, - canon_ace **ppfile_ace, canon_ace **ppdir_ace, - uint32 security_info_sent, SEC_DESC *psd) +static bool unpack_canon_ace(files_struct *fsp, + SMB_STRUCT_STAT *pst, + DOM_SID *pfile_owner_sid, + DOM_SID *pfile_grp_sid, + canon_ace **ppfile_ace, + canon_ace **ppdir_ace, + uint32 security_info_sent, + const SEC_DESC *psd) { canon_ace *file_ace = NULL; canon_ace *dir_ace = NULL; @@ -2958,9 +2960,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, */ for (ace = file_ace; ace != NULL; ace = ace->next) { - SEC_ACCESS acc; - - acc = map_canon_ace_perms(SNUM(conn), + uint32_t acc = map_canon_ace_perms(SNUM(conn), &nt_acl_type, ace->perms, S_ISDIR(sbuf->st_mode)); @@ -2975,19 +2975,14 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, /* The User must have access to a profile share - even * if we can't map the SID. */ if (lp_profile_acls(SNUM(conn))) { - SEC_ACCESS acc; - - init_sec_access(&acc,FILE_GENERIC_ALL); init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, - acc, 0); + FILE_GENERIC_ALL, 0); } for (ace = dir_ace; ace != NULL; ace = ace->next) { - SEC_ACCESS acc; - - acc = map_canon_ace_perms(SNUM(conn), + uint32_t acc = map_canon_ace_perms(SNUM(conn), &nt_acl_type, ace->perms, S_ISDIR(sbuf->st_mode)); @@ -3005,10 +3000,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, /* The User must have access to a profile share - even * if we can't map the SID. */ if (lp_profile_acls(SNUM(conn))) { - SEC_ACCESS acc; - - init_sec_access(&acc,FILE_GENERIC_ALL); - init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, acc, + init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, FILE_GENERIC_ALL, SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT| SEC_ACE_FLAG_INHERIT_ONLY|0); } @@ -3223,26 +3215,26 @@ int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid) Take care of parent ACL inheritance. ****************************************************************************/ -static NTSTATUS append_parent_acl(files_struct *fsp, - SMB_STRUCT_STAT *psbuf, - SEC_DESC *psd, +NTSTATUS append_parent_acl(files_struct *fsp, + const SEC_DESC *pcsd, SEC_DESC **pp_new_sd) { SEC_DESC *parent_sd = NULL; files_struct *parent_fsp = NULL; - TALLOC_CTX *mem_ctx = talloc_parent(psd); + TALLOC_CTX *mem_ctx = talloc_tos(); char *parent_name = NULL; SEC_ACE *new_ace = NULL; - unsigned int num_aces = psd->dacl->num_aces; + unsigned int num_aces = pcsd->dacl->num_aces; SMB_STRUCT_STAT sbuf; NTSTATUS status; int info; unsigned int i, j; - bool is_dacl_protected = (psd->type & SE_DESC_DACL_PROTECTED); + SEC_DESC *psd = dup_sec_desc(talloc_tos(), pcsd); + bool is_dacl_protected = (pcsd->type & SE_DESC_DACL_PROTECTED); ZERO_STRUCT(sbuf); - if (mem_ctx == NULL) { + if (psd == NULL) { return NT_STATUS_NO_MEMORY; } @@ -3398,11 +3390,6 @@ static NTSTATUS append_parent_acl(files_struct *fsp, parent_name)); } - /* This sucks. psd should be const and we should - * be doing a deep-copy here. We're getting away - * with is as we know parent_sd is talloced off - * talloc_tos() as well as psd. JRA. */ - psd->dacl->aces = new_ace; psd->dacl->num_aces = i; psd->type &= ~(SE_DESC_DACL_AUTO_INHERITED| @@ -3418,7 +3405,7 @@ static NTSTATUS append_parent_acl(files_struct *fsp, This should be the only external function needed for the UNIX style set ACL. ****************************************************************************/ -NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { connection_struct *conn = fsp->conn; uid_t user = (uid_t)-1; @@ -3529,10 +3516,12 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) SE_DESC_DACL_AUTO_INHERIT_REQ))== (SE_DESC_DACL_AUTO_INHERITED| SE_DESC_DACL_AUTO_INHERIT_REQ) ) { - status = append_parent_acl(fsp, &sbuf, psd, &psd); + SEC_DESC *new_sd = NULL; + status = append_parent_acl(fsp, psd, &new_sd); if (!NT_STATUS_IS_OK(status)) { return status; } + psd = new_sd; } acl_perms = unpack_canon_ace( fsp, &sbuf, &file_owner_sid, &file_grp_sid, diff --git a/source3/smbd/process.c b/source3/smbd/process.c index b2d19e11e3..32629fd392 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -706,7 +706,7 @@ The timeout is in milliseconds ****************************************************************************/ static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer, - size_t *buffer_len, int timeout, + size_t *buffer_len, size_t *p_unread, bool *p_encrypted) { fd_set r_fds, w_fds; @@ -720,13 +720,8 @@ static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer, again: - if (timeout >= 0) { - to.tv_sec = timeout / 1000; - to.tv_usec = (timeout % 1000) * 1000; - } else { - to.tv_sec = SMBD_SELECT_TIMEOUT; - to.tv_usec = 0; - } + to.tv_sec = SMBD_SELECT_TIMEOUT; + to.tv_usec = 0; /* * Note that this call must be before processing any SMB @@ -869,7 +864,7 @@ static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer, /* Did we timeout ? */ if (selrtn == 0) { - return NT_STATUS_IO_TIMEOUT; + goto again; } /* @@ -1837,23 +1832,6 @@ void chain_reply(struct smb_request *req) } /**************************************************************************** - Setup the needed select timeout in milliseconds. -****************************************************************************/ - -static int setup_select_timeout(void) -{ - int select_timeout; - - select_timeout = SMBD_SELECT_TIMEOUT*1000; - - if (print_notify_messages_pending()) { - select_timeout = MIN(select_timeout, 1000); - } - - return select_timeout; -} - -/**************************************************************************** Check if services need reloading. ****************************************************************************/ @@ -1907,113 +1885,18 @@ void check_reload(time_t t) } /**************************************************************************** - Process any timeout housekeeping. Return False if the caller should exit. -****************************************************************************/ - -static void timeout_processing(int *select_timeout, - time_t *last_timeout_processing_time) -{ - time_t t; - - *last_timeout_processing_time = t = time(NULL); - - /* become root again if waiting */ - change_to_root_user(); - - /* check if we need to reload services */ - check_reload(t); - - if(global_machine_password_needs_changing && - /* for ADS we need to do a regular ADS password change, not a domain - password change */ - lp_security() == SEC_DOMAIN) { - - unsigned char trust_passwd_hash[16]; - time_t lct; - void *lock; - - /* - * We're in domain level security, and the code that - * read the machine password flagged that the machine - * password needs changing. - */ - - /* - * First, open the machine password file with an exclusive lock. - */ - - lock = secrets_get_trust_account_lock(NULL, lp_workgroup()); - - if (lock == NULL) { - DEBUG(0,("process: unable to lock the machine account password for \ -machine %s in domain %s.\n", global_myname(), lp_workgroup() )); - return; - } - - if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) { - DEBUG(0,("process: unable to read the machine account password for \ -machine %s in domain %s.\n", global_myname(), lp_workgroup())); - TALLOC_FREE(lock); - return; - } - - /* - * Make sure someone else hasn't already done this. - */ - - if(t < lct + lp_machine_password_timeout()) { - global_machine_password_needs_changing = False; - TALLOC_FREE(lock); - return; - } - - /* always just contact the PDC here */ - - change_trust_account_password( lp_workgroup(), NULL); - global_machine_password_needs_changing = False; - TALLOC_FREE(lock); - } - - /* update printer queue caches if necessary */ - - update_monitored_printq_cache(); - - /* - * Now we are root, check if the log files need pruning. - * Force a log file check. - */ - force_check_log_size(); - check_log_size(); - - /* Send any queued printer notify message to interested smbd's. */ - - print_notify_send_messages(smbd_messaging_context(), 0); - - /* - * Modify the select timeout depending upon - * what we have remaining in our queues. - */ - - *select_timeout = setup_select_timeout(); - - return; -} - -/**************************************************************************** Process commands from the client ****************************************************************************/ void smbd_process(void) { - time_t last_timeout_processing_time = time(NULL); unsigned int num_smbs = 0; size_t unread_bytes = 0; max_recv = MIN(lp_maxxmit(),BUFFER_SIZE); while (True) { - int select_timeout = setup_select_timeout(); - int num_echos; + NTSTATUS status; char *inbuf = NULL; size_t inbuf_len = 0; bool encrypted = false; @@ -2021,82 +1904,24 @@ void smbd_process(void) errno = 0; - /* Did someone ask for immediate checks on things like blocking locks ? */ - if (select_timeout == 0) { - timeout_processing(&select_timeout, - &last_timeout_processing_time); - num_smbs = 0; /* Reset smb counter. */ - } - run_events(smbd_event_context(), 0, NULL, NULL); - while (True) { - NTSTATUS status; - - status = receive_message_or_smb( - talloc_tos(), &inbuf, &inbuf_len, - select_timeout, &unread_bytes, &encrypted); - - if (NT_STATUS_IS_OK(status)) { - break; - } - - if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { - timeout_processing( - &select_timeout, - &last_timeout_processing_time); - continue; - } + status = receive_message_or_smb( + talloc_tos(), &inbuf, &inbuf_len, + &unread_bytes, &encrypted); + if (!NT_STATUS_IS_OK(status)) { DEBUG(3, ("receive_message_or_smb failed: %s, " "exiting\n", nt_errstr(status))); return; - - num_smbs = 0; /* Reset smb counter. */ } - - /* - * Ensure we do timeout processing if the SMB we just got was - * only an echo request. This allows us to set the select - * timeout in 'receive_message_or_smb()' to any value we like - * without worrying that the client will send echo requests - * faster than the select timeout, thus starving out the - * essential processing (change notify, blocking locks) that - * the timeout code does. JRA. - */ - num_echos = smb_echo_count; - process_smb(inbuf, inbuf_len, unread_bytes, encrypted); TALLOC_FREE(inbuf); - if (smb_echo_count != num_echos) { - timeout_processing(&select_timeout, - &last_timeout_processing_time); - num_smbs = 0; /* Reset smb counter. */ - } - num_smbs++; - /* - * If we are getting smb requests in a constant stream - * with no echos, make sure we attempt timeout processing - * every select_timeout milliseconds - but only check for this - * every 200 smb requests. - */ - - if ((num_smbs % 200) == 0) { - time_t new_check_time = time(NULL); - if(new_check_time - last_timeout_processing_time >= (select_timeout/1000)) { - timeout_processing( - &select_timeout, - &last_timeout_processing_time); - num_smbs = 0; /* Reset smb counter. */ - last_timeout_processing_time = new_check_time; /* Reset time. */ - } - } - /* The timeout_processing function isn't run nearly often enough to implement 'max log size' without overrunning the size of the file by many megabytes. diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6933533672..48403073f7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -29,7 +29,6 @@ /* look in server.c for some explanation of these variables */ extern enum protocol_types Protocol; extern int max_recv; -unsigned int smb_echo_count = 0; extern uint32 global_client_caps; extern bool global_encrypted_passwords_negotiated; @@ -340,8 +339,7 @@ bool check_fsp_open(connection_struct *conn, struct smb_request *req, } /**************************************************************************** - Check if we have a correct fsp pointing to a file. Replacement for the - CHECK_FSP macro. + Check if we have a correct fsp pointing to a file. ****************************************************************************/ bool check_fsp(connection_struct *conn, struct smb_request *req, @@ -4273,7 +4271,7 @@ void reply_close(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); /* - * We can only use CHECK_FSP if we know it's not a directory. + * We can only use check_fsp if we know it's not a directory. */ if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) { @@ -4611,8 +4609,6 @@ void reply_echo(struct smb_request *req) TALLOC_FREE(req->outbuf); - smb_echo_count++; - END_PROFILE(SMBecho); return; } @@ -5583,10 +5579,10 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); - rename_open_files(conn, lck, newname); - notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname); + rename_open_files(conn, lck, newname); + /* * A rename acts as a new file create w.r.t. allowing an initial delete * on close, probably because in Windows there is a new handle to the diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 53116f3d98..69a483e4fc 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -1067,6 +1067,30 @@ static bool deadtime_fn(const struct timeval *now, void *private_data) return True; } +/* + * Do the recurring log file and smb.conf reload checks. + */ + +static bool housekeeping_fn(const struct timeval *now, void *private_data) +{ + change_to_root_user(); + + /* update printer queue caches if necessary */ + update_monitored_printq_cache(); + + /* check if we need to reload services */ + check_reload(time(NULL)); + + /* Change machine password if neccessary. */ + attempt_machine_password_change(); + + /* + * Force a log file check. + */ + force_check_log_size(); + check_log_size(); + return true; +} /**************************************************************************** main program. @@ -1426,6 +1450,13 @@ extern void build_options(bool screen); exit(1); } + if (!(event_add_idle(smbd_event_context(), NULL, + timeval_set(SMBD_SELECT_TIMEOUT, 0), + "housekeeping", housekeeping_fn, NULL))) { + DEBUG(0, ("Could not add housekeeping event\n")); + exit(1); + } + #ifdef CLUSTER_SUPPORT if (lp_clustering()) { diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 2e2da5cc71..1e2095a3ea 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1892,7 +1892,7 @@ static void call_trans2findfirst(connection_struct *conn, bool requires_resume_key; int info_level; char *directory = NULL; - const char *mask = NULL; + char *mask = NULL; char *p; int last_entry_off=0; int dptr_num = -1; @@ -1980,7 +1980,7 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n", return; } - ntstatus = unix_convert(ctx, conn, directory, True, &directory, NULL, &sbuf); + ntstatus = unix_convert(ctx, conn, directory, True, &directory, &mask, &sbuf); if (!NT_STATUS_IS_OK(ntstatus)) { reply_nterror(req, ntstatus); return; @@ -1996,10 +1996,12 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n", if(p == NULL) { /* Windows and OS/2 systems treat search on the root '\' as if it were '\*' */ if((directory[0] == '.') && (directory[1] == '\0')) { - mask = "*"; + mask = talloc_strdup(ctx,"*"); + if (!mask) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } mask_contains_wcard = True; - } else { - mask = directory; } directory = talloc_strdup(talloc_tos(), "./"); if (!directory) { @@ -2007,7 +2009,6 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n", return; } } else { - mask = p+1; *p = 0; } diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 7dbe518c3d..627374cb96 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -43,7 +43,7 @@ static const char *assume_own_realm(struct net_context *c) static int net_ads_cldap_netlogon(struct net_context *c, ADS_STRUCT *ads) { char addr[INET6_ADDRSTRLEN]; - struct nbt_cldap_netlogon_5 reply; + struct NETLOGON_SAM_LOGON_RESPONSE_EX reply; print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); if ( !ads_cldap_netlogon_5(talloc_tos(), addr, ads->server.realm, &reply ) ) { @@ -55,15 +55,15 @@ static int net_ads_cldap_netlogon(struct net_context *c, ADS_STRUCT *ads) addr); d_printf("Response Type: "); - switch (reply.type) { - case SAMLOGON_AD_UNK_R: - d_printf("SAMLOGON\n"); + switch (reply.command) { + case LOGON_SAM_LOGON_USER_UNKNOWN_EX: + d_printf("LOGON_SAM_LOGON_USER_UNKNOWN_EX\n"); break; - case SAMLOGON_AD_R: - d_printf("SAMLOGON_USER\n"); + case LOGON_SAM_LOGON_RESPONSE_EX: + d_printf("LOGON_SAM_LOGON_RESPONSE_EX\n"); break; default: - d_printf("0x%x\n", reply.type); + d_printf("0x%x\n", reply.command); break; } @@ -359,7 +359,7 @@ static int net_ads_workgroup(struct net_context *c, int argc, const char **argv) { ADS_STRUCT *ads; char addr[INET6_ADDRSTRLEN]; - struct nbt_cldap_netlogon_5 reply; + struct NETLOGON_SAM_LOGON_RESPONSE_EX reply; if (c->display_usage) { d_printf("Usage:\n" diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c index 14d45e2b0f..4e617a1968 100644 --- a/source3/utils/net_dns.c +++ b/source3/utils/net_dns.c @@ -145,14 +145,14 @@ error: int get_my_ip_address( struct sockaddr_storage **pp_ss ) { - struct iface_struct nics[MAX_INTERFACES]; int i, n; struct sockaddr_storage *list = NULL; int count = 0; - /* find the first non-loopback address from our list of interfaces */ + /* Honor the configured list of interfaces to register */ - n = get_interfaces(nics, MAX_INTERFACES); + load_interfaces(); + n = iface_count(); if (n <= 0) { return -1; @@ -163,19 +163,17 @@ int get_my_ip_address( struct sockaddr_storage **pp_ss ) } for ( i=0; i<n; i++ ) { - if (is_loopback_addr(&nics[i].ip)) { + const struct sockaddr_storage *nic_sa_storage = NULL; + + if ((nic_sa_storage = iface_n_sockaddr_storage(i)) == NULL) + continue; + + /* Don't register loopback addresses */ + if (is_loopback_addr(nic_sa_storage)) { continue; } -#if defined(HAVE_IPV6) - if ((nics[i].ip.ss_family == AF_INET6)) { - memcpy(&list[count++], &nics[i].ip, - sizeof(struct sockaddr_storage)); - } else -#endif - if (nics[i].ip.ss_family == AF_INET) { - memcpy(&list[count++], &nics[i].ip, - sizeof(struct sockaddr_storage)); - } + + memcpy(&list[count++], nic_sa_storage, sizeof(struct sockaddr_storage)); } *pp_ss = list; diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h index 1e355e54a3..ee4388f157 100644 --- a/source3/utils/net_proto.h +++ b/source3/utils/net_proto.h @@ -471,6 +471,8 @@ int net_run_function(struct net_context *c, int argc, const char **argv, const char *whoami, struct functable *table); void net_display_usage_from_functable(struct functable *table); +const char *net_share_type_str(int num_type); + /* The following definitions come from utils/netlookup.c */ NTSTATUS net_lookup_name_from_sid(struct net_context *c, diff --git a/source3/utils/net_rap.c b/source3/utils/net_rap.c index 883524dc2d..32f4dd31b4 100644 --- a/source3/utils/net_rap.c +++ b/source3/utils/net_rap.c @@ -34,13 +34,6 @@ #define ERRMSG_BOTH_SERVER_IPADDRESS "\nTarget server and IP address both "\ "specified. Do not set both at the same time. The target IP address was used\n" -const char *share_type[] = { - "Disk", - "Print", - "Dev", - "IPC" -}; - static int errmsg_not_implemented(void) { d_printf("\nNot implemented\n"); @@ -201,7 +194,7 @@ static void long_share_fn(const char *share_name, uint32 type, const char *comment, void *state) { d_printf("%-12s %-8.8s %-50s\n", - share_name, share_type[type], comment); + share_name, net_share_type_str(type), comment); } static void share_fn(const char *share_name, uint32 type, @@ -388,7 +381,7 @@ static void display_conns_func(uint16 conn_id, uint16 conn_type, uint16 opens, const char *username, const char *netname) { d_printf("%-14.14s %-8.8s %5d\n", - netname, share_type[conn_type], opens); + netname, net_share_type_str(conn_type), opens); } static int rap_session_info(struct net_context *c, int argc, const char **argv) diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index a849ec4c10..0e91144d33 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -26,8 +26,6 @@ static int net_mode_share; static bool sync_files(struct copy_clistate *cp_clistate, const char *mask); -extern const char *share_type[]; - /** * @file net_rpc.c * @@ -2876,7 +2874,7 @@ static void display_share_info_1(struct net_context *c, if (c->opt_long_list_entries) { d_printf("%-12s %-8.8s %-50s\n", r->shi1_netname, - share_type[r->shi1_type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)], + net_share_type_str(r->shi1_type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)), r->shi1_remark); } else { d_printf("%s\n", r->shi1_netname); diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 124af00b57..005e3ca556 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -1186,7 +1186,7 @@ static NTSTATUS rpc_registry_getsd_internal(struct net_context *c, blob.data = sd->data; blob.length = sd->size; - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &sec_desc, + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &sec_desc, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c index 88850d29df..fbb3c24b03 100644 --- a/source3/utils/net_util.c +++ b/source3/utils/net_util.c @@ -2,6 +2,7 @@ * Unix SMB/CIFS implementation. * Helper routines for net * Copyright (C) Volker Lendecke 2006 + * Copyright (C) Kai Blin 2008 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -595,3 +596,14 @@ void net_display_usage_from_functable(struct functable *table) d_printf("%s\n", table[i].usage); } } + +const char *net_share_type_str(int num_type) +{ + switch(num_type) { + case 0: return "Disk"; + case 1: return "Print"; + case 2: return "Dev"; + case 3: return "IPC"; + default: return "Unknown"; + } +} diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 46f9ecdc7d..3ad949a6d3 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -153,7 +153,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) unsigned int aflags = 0; unsigned int amask = 0; DOM_SID sid; - SEC_ACCESS mask; + uint32_t mask; const struct perm_value *v; char *str = SMB_STRDUP(orig_str); TALLOC_CTX *frame = talloc_stackframe(); diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index d488ce2187..eda8732c89 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -275,7 +275,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, unsigned int aflags = 0; unsigned int amask = 0; DOM_SID sid; - SEC_ACCESS mask; + uint32_t mask; const struct perm_value *v; char *str = SMB_STRDUP(orig_str); TALLOC_CTX *frame = talloc_stackframe(); diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 527db2d805..4370d49523 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -329,9 +329,12 @@ rameter is ignored when using CUPS libraries.\n", cname = poptGetArg(pc); caddr = poptGetArg(pc); + poptFreeContext(pc); + if ( cname && ! caddr ) { printf ( "ERROR: You must specify both a machine name and an IP address.\n" ); - return(1); + ret = 1; + goto done; } if (new_local_machine) { @@ -346,7 +349,8 @@ rameter is ignored when using CUPS libraries.\n", if (!lp_load_with_registry_shares(config_file,False,True,False,True)) { fprintf(stderr,"Error loading services.\n"); - return(1); + ret = 1; + goto done; } fprintf(stderr,"Loaded services file OK.\n"); @@ -393,13 +397,15 @@ rameter is ignored when using CUPS libraries.\n", (s=lp_servicenumber(section_name)) == -1) { fprintf(stderr,"Unknown section %s\n", section_name); - return(1); + ret = 1; + goto done; } if (parameter_name) { if (!dump_a_parameter( s, parameter_name, stdout, isGlobal)) { fprintf(stderr,"Parameter %s unknown for section %s\n", parameter_name, section_name); - return(1); + ret = 1; + goto done; } } else { if (isGlobal == True) @@ -407,7 +413,7 @@ rameter is ignored when using CUPS libraries.\n", else lp_dump_one(stdout, show_defaults, s); } - return(ret); + goto done; } lp_dump(stdout, show_defaults, lp_numservices()); @@ -428,7 +434,10 @@ rameter is ignored when using CUPS libraries.\n", } } } + +done: TALLOC_FREE(frame); - return(ret); + gfree_loadparm(); + return ret; } diff --git a/source3/web/statuspage.c b/source3/web/statuspage.c index ce24c7cddd..e684a075c2 100644 --- a/source3/web/statuspage.c +++ b/source3/web/statuspage.c @@ -43,9 +43,10 @@ static void initPid2Machine (void) { /* show machine name rather PID on table "Open Files"? */ if (PID_or_Machine) { - PIDMAP *p; + PIDMAP *p, *next; - for (p = pidmap; p != NULL; ) { + for (p = pidmap; p != NULL; p = next) { + next = p->next; DLIST_REMOVE(pidmap, p); SAFE_FREE(p->machine); SAFE_FREE(p); diff --git a/source3/winbindd/idmap_adex/cell_util.c b/source3/winbindd/idmap_adex/cell_util.c new file mode 100644 index 0000000000..f5c08a0454 --- /dev/null +++ b/source3/winbindd/idmap_adex/cell_util.c @@ -0,0 +1,292 @@ +/* + * idmap_adex: Support for AD Forests + * + * Copyright (C) Gerald (Jerry) Carter 2006-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "idmap_adex.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +/********************************************************************** +**********************************************************************/ + + char *find_attr_string(char **list, size_t num_lines, const char *substr) +{ + int i; + int cmplen = strlen(substr); + + for (i = 0; i < num_lines; i++) { + /* make sure to avoid substring matches like uid + and uidNumber */ + if ((StrnCaseCmp(list[i], substr, cmplen) == 0) && + (list[i][cmplen] == '=')) { + /* Don't return an empty string */ + if (list[i][cmplen + 1] != '\0') + return &(list[i][cmplen + 1]); + + return NULL; + } + } + + return NULL; +} + +/********************************************************************** +**********************************************************************/ + + bool is_object_class(char **list, size_t num_lines, const char *substr) +{ + int i; + + for (i = 0; i < num_lines; i++) { + if (strequal(list[i], substr)) { + return true; + } + } + + return false; +} + +/********************************************************************** + Find out about the cell (e.g. use2307Attrs, etc...) +**********************************************************************/ + + NTSTATUS cell_lookup_settings(struct likewise_cell * cell) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + + /* Parameter check */ + + if (!cell) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Only supporting Forest-wide, schema based searches */ + + cell_set_flags(cell, LWCELL_FLAG_USE_RFC2307_ATTRS); + cell_set_flags(cell, LWCELL_FLAG_SEARCH_FOREST); + + cell->provider = &ccp_unified; + + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(1,("LWI: Failed to obtain cell settings (%s)\n", + nt_errstr(nt_status))); + } + + return nt_status; +} + + +static NTSTATUS cell_lookup_forest(struct likewise_cell *c) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct gc_info *gc = NULL; + + if (!c) { + return NT_STATUS_INVALID_PARAMETER; + } + + if ((gc = TALLOC_ZERO_P(NULL, struct gc_info)) == NULL) { + nt_status = NT_STATUS_NO_MEMORY; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Query the rootDSE for the forest root naming conect first. + Check that the a GC server for the forest has not already + been added */ + + nt_status = gc_find_forest_root(gc, cell_dns_domain(c)); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + c->forest_name = talloc_strdup(c, gc->forest_name); + BAIL_ON_PTR_ERROR(c->forest_name, nt_status); + +done: + if (gc) { + talloc_free(gc); + } + + return nt_status; +} + +/********************************************************************** +**********************************************************************/ + + NTSTATUS cell_locate_membership(ADS_STRUCT * ads) +{ + ADS_STATUS status; + char *domain_dn = ads_build_dn(lp_realm()); + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + DOM_SID sid; + struct likewise_cell *cell = NULL; + + /* In the Likewise plugin, I had to support the concept of cells + based on the machine's membership in an OU. However, now I'll + just assume our membership in the forest cell */ + + DEBUG(2, ("locate_cell_membership: Located membership " + "in cell \"%s\"\n", domain_dn)); + + if ((cell = cell_new()) == NULL) { + nt_status = NT_STATUS_NO_MEMORY; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + status = ads_domain_sid(ads, &sid); + if (!ADS_ERR_OK(status)) { + DEBUG(3,("locate_cell_membership: Failed to find " + "domain SID for %s\n", domain_dn)); + } + + /* save the SID and search base for our domain */ + + cell_set_dns_domain(cell, lp_realm()); + cell_set_connection(cell, ads); + cell_set_dn(cell, domain_dn); + cell_set_domain_sid(cell, &sid); + + /* Now save our forest root */ + + cell_lookup_forest(cell); + + /* Add the cell to the list */ + + if (!cell_list_add(cell)) { + nt_status = NT_STATUS_INSUFFICIENT_RESOURCES; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Done! */ + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(0,("LWI: Failed to locate cell membership (%s)\n", + nt_errstr(nt_status))); + } + + SAFE_FREE(domain_dn); + + return nt_status; +} + +/********************************************************************* + ********************************************************************/ + + int min_id_value(void) +{ + int id_val; + + id_val = lp_parm_int(-1, "lwidentity", "min_id_value", MIN_ID_VALUE); + + /* Still don't let it go below 50 */ + + return MAX(50, id_val); +} + +/******************************************************************** + *******************************************************************/ + + char *cell_dn_to_dns(const char *dn) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char *domain = NULL; + char *dns_name = NULL; + const char *tmp_dn; + char *buffer = NULL; + TALLOC_CTX *frame = talloc_stackframe(); + + if (!dn || !*dn) { + goto done; + } + + tmp_dn = talloc_strdup(frame, dn); + BAIL_ON_PTR_ERROR(tmp_dn, nt_status); + + while (next_token_talloc(frame, &tmp_dn, &buffer, ",")) { + + /* skip everything up the where DC=... begins */ + if (StrnCaseCmp(buffer, "DC=", 3) != 0) + continue; + + if (!domain) { + domain = talloc_strdup(frame, &buffer[3]); + } else { + domain = talloc_asprintf_append(domain, ".%s", + &buffer[3]); + } + BAIL_ON_PTR_ERROR(domain, nt_status); + } + + dns_name = SMB_STRDUP(domain); + BAIL_ON_PTR_ERROR(dns_name, nt_status); + + nt_status = NT_STATUS_OK; + +done: + PRINT_NTSTATUS_ERROR(nt_status, "cell_dn_to_dns", 1); + + talloc_destroy(frame); + + return dns_name; +} + +/********************************************************************* + ********************************************************************/ + + NTSTATUS get_sid_type(ADS_STRUCT *ads, + LDAPMessage *msg, + enum lsa_SidType *type) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + uint32_t atype; + + if (!ads_pull_uint32(ads, msg, "sAMAccountType", &atype)) { + nt_status = NT_STATUS_INVALID_USER_BUFFER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + switch (atype &0xF0000000) { + case ATYPE_SECURITY_GLOBAL_GROUP: + *type = SID_NAME_DOM_GRP; + break; + case ATYPE_SECURITY_LOCAL_GROUP: + *type = SID_NAME_ALIAS; + break; + case ATYPE_NORMAL_ACCOUNT: + case ATYPE_WORKSTATION_TRUST: + case ATYPE_INTERDOMAIN_TRUST: + *type = SID_NAME_USER; + break; + default: + *type = SID_NAME_USE_NONE; + nt_status = NT_STATUS_INVALID_ACCOUNT_NAME; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = NT_STATUS_OK; + +done: + return nt_status; +} diff --git a/source3/winbindd/idmap_adex/domain_util.c b/source3/winbindd/idmap_adex/domain_util.c new file mode 100644 index 0000000000..6851503cc8 --- /dev/null +++ b/source3/winbindd/idmap_adex/domain_util.c @@ -0,0 +1,286 @@ +/* + * idmap_adex: Domain search interface + * + * Copyright (C) Gerald (Jerry) Carter 2007-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "idmap_adex.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +struct dc_info { + struct dc_info *prev, *next; + char *dns_name; + struct likewise_cell *domain_cell; +}; + +static struct dc_info *_dc_server_list = NULL; + + +/********************************************************************** + *********************************************************************/ + +static struct dc_info *dc_list_head(void) +{ + return _dc_server_list; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS dc_add_domain(const char *domain) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct dc_info *dc = NULL; + + if (!domain) { + return NT_STATUS_INVALID_PARAMETER; + } + + DEBUG(10,("dc_add_domain: Attempting to add domain %s\n", domain)); + + /* Check for duplicates */ + + dc = dc_list_head(); + while (dc) { + if (strequal (dc->dns_name, domain)) + break; + dc = dc->next; + } + + if (dc) { + DEBUG(10,("dc_add_domain: %s already in list\n", domain)); + return NT_STATUS_OK; + } + + dc = TALLOC_ZERO_P(NULL, struct dc_info); + BAIL_ON_PTR_ERROR(dc, nt_status); + + dc->dns_name = talloc_strdup(dc, domain); + BAIL_ON_PTR_ERROR(dc->dns_name, nt_status); + + DLIST_ADD_END(_dc_server_list, dc, struct dc_info*); + + nt_status = NT_STATUS_OK; + + DEBUG(5,("dc_add_domain: Successfully added %s\n", domain)); + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_destroy(dc); + DEBUG(0,("LWI: Failed to add new DC connection for %s (%s)\n", + domain, nt_errstr(nt_status))); + } + + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static void dc_server_list_destroy(void) +{ + struct dc_info *dc = dc_list_head(); + + while (dc) { + struct dc_info *p = dc->next; + + cell_destroy(dc->domain_cell); + talloc_destroy(dc); + + dc = p; + } + + return; +} + + +/********************************************************************** + *********************************************************************/ + + NTSTATUS domain_init_list(void) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct winbindd_tdc_domain *domains = NULL; + size_t num_domains = 0; + int i; + + if (_dc_server_list != NULL) { + dc_server_list_destroy(); + } + + /* Add our domain */ + + nt_status = dc_add_domain(lp_realm()); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if (!wcache_tdc_fetch_list(&domains, &num_domains)) { + nt_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Add all domains with an incoming trust path */ + + for (i=0; i<num_domains; i++) { + uint32_t flags = (NETR_TRUST_FLAG_INBOUND|NETR_TRUST_FLAG_IN_FOREST); + + /* We just require one of the flags to be set here */ + + if (domains[i].trust_flags & flags) { + nt_status = dc_add_domain(domains[i].dns_name); + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + } + + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(2,("LWI: Failed to initialize DC list (%s)\n", + nt_errstr(nt_status))); + } + + TALLOC_FREE(domains); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS dc_do_search(struct dc_info *dc, + const char *search_base, + int scope, + const char *expr, + const char **attrs, + LDAPMessage ** msg) +{ + ADS_STATUS status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + + status = cell_do_search(dc->domain_cell, search_base, + scope, expr, attrs, msg); + nt_status = ads_ntstatus(status); + + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static struct dc_info *dc_find_domain(const char *dns_domain) +{ + struct dc_info *dc = dc_list_head(); + + if (!dc) + return NULL; + + while (dc) { + if (strequal(dc->dns_name, dns_domain)) { + return dc; + } + + dc = dc->next; + } + + return NULL; +} + +/********************************************************************** + *********************************************************************/ + + NTSTATUS dc_search_domains(struct likewise_cell **cell, + LDAPMessage **msg, + const char *dn, + const DOM_SID *sid) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX *frame = talloc_stackframe(); + char *dns_domain; + const char *attrs[] = { "*", NULL }; + struct dc_info *dc = NULL; + const char *base = NULL; + + if (!dn || !*dn) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + dns_domain = cell_dn_to_dns(dn); + BAIL_ON_PTR_ERROR(dns_domain, nt_status); + + if ((dc = dc_find_domain(dns_domain)) == NULL) { + nt_status = NT_STATUS_TRUSTED_DOMAIN_FAILURE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Reparse the cell settings for the domain if necessary */ + + if (!dc->domain_cell) { + char *base_dn; + + base_dn = ads_build_dn(dc->dns_name); + BAIL_ON_PTR_ERROR(base_dn, nt_status); + + nt_status = cell_connect_dn(&dc->domain_cell, base_dn); + SAFE_FREE(base_dn); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = cell_lookup_settings(dc->domain_cell); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* By definition this is already part of a larger + forest-wide search scope */ + + cell_set_flags(dc->domain_cell, LWCELL_FLAG_SEARCH_FOREST); + } + + /* Check whether we are operating in non-schema or RFC2307 + mode */ + + if (cell_flags(dc->domain_cell) & LWCELL_FLAG_USE_RFC2307_ATTRS) { + nt_status = dc_do_search(dc, dn, LDAP_SCOPE_BASE, + "(objectclass=*)", attrs, msg); + } else { + const char *sid_str = NULL; + char *filter = NULL; + + sid_str = sid_string_talloc(frame, sid); + BAIL_ON_PTR_ERROR(sid_str, nt_status); + + filter = talloc_asprintf(frame, "(keywords=backLink=%s)", + sid_str); + BAIL_ON_PTR_ERROR(filter, nt_status); + + base = cell_search_base(dc->domain_cell); + BAIL_ON_PTR_ERROR(base, nt_status); + + nt_status = dc_do_search(dc, base, LDAP_SCOPE_SUBTREE, + filter, attrs, msg); + } + BAIL_ON_NTSTATUS_ERROR(nt_status); + + *cell = dc->domain_cell; + +done: + talloc_destroy(CONST_DISCARD(char*, base)); + talloc_destroy(frame); + + return nt_status; +} diff --git a/source3/winbindd/idmap_adex/gc_util.c b/source3/winbindd/idmap_adex/gc_util.c new file mode 100644 index 0000000000..6dc02336d5 --- /dev/null +++ b/source3/winbindd/idmap_adex/gc_util.c @@ -0,0 +1,848 @@ +/* + * idmap_adex: Global Catalog search interface + * + * Copyright (C) Gerald (Jerry) Carter 2007-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "idmap_adex.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +static struct gc_info *_gc_server_list = NULL; + + +/********************************************************************** + *********************************************************************/ + +static struct gc_info *gc_list_head(void) +{ + return _gc_server_list; +} + +/********************************************************************** + Checks if either of the domains is a subdomain of the other + *********************************************************************/ + +static bool is_subdomain(const char* a, const char *b) +{ + char *s; + TALLOC_CTX *frame = talloc_stackframe(); + char *x, *y; + bool ret = false; + + /* Trivial cases */ + + if (!a && !b) + return true; + + if (!a || !b) + return false; + + /* Normalize the case */ + + x = talloc_strdup(frame, a); + y = talloc_strdup(frame, b); + if (!x || !y) { + ret = false; + goto done; + } + + strupper_m(x); + strupper_m(y); + + /* Exact match */ + + if (strcmp(x, y) == 0) { + ret = true; + goto done; + } + + /* Check for trailing substrings */ + + s = strstr_m(x, y); + if (s && (strlen(s) == strlen(y))) { + ret = true; + goto done; + } + + s = strstr_m(y, x); + if (s && (strlen(s) == strlen(x))) { + ret = true; + goto done; + } + +done: + talloc_destroy(frame); + + return ret; +} + +/********************************************************************** + *********************************************************************/ + + NTSTATUS gc_find_forest_root(struct gc_info *gc, const char *domain) +{ + ADS_STRUCT *ads = NULL; + ADS_STATUS ads_status; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply; + TALLOC_CTX *frame = talloc_stackframe(); + + if (!gc || !domain) { + return NT_STATUS_INVALID_PARAMETER; + } + + ZERO_STRUCT(cldap_reply); + + ads = ads_init(domain, NULL, NULL); + BAIL_ON_PTR_ERROR(ads, nt_status); + + ads->auth.flags = ADS_AUTH_NO_BIND; + ads_status = ads_connect(ads); + if (!ADS_ERR_OK(ads_status)) { + DEBUG(4, ("find_forest_root: ads_connect(%s) failed! (%s)\n", + domain, ads_errstr(ads_status))); + } + nt_status = ads_ntstatus(ads_status); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if (!ads_cldap_netlogon_5(frame, + ads->config.ldap_server_name, + ads->config.realm, + &cldap_reply)) + { + DEBUG(4,("find_forest_root: Failed to get a CLDAP reply from %s!\n", + ads->server.ldap_server)); + nt_status = NT_STATUS_IO_TIMEOUT; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + gc->forest_name = talloc_strdup(gc, cldap_reply.forest); + BAIL_ON_PTR_ERROR(gc->forest_name, nt_status); + +done: + if (ads) { + ads_destroy(&ads); + } + + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS gc_add_forest(const char *domain) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct gc_info *gc = NULL; + struct gc_info *find_gc = NULL; + char *dn; + ADS_STRUCT *ads = NULL; + struct likewise_cell *primary_cell = NULL; + + primary_cell = cell_list_head(); + if (!primary_cell) { + nt_status = NT_STATUS_INVALID_SERVER_STATE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Check for duplicates based on domain name first as this + requires no connection */ + + find_gc = gc_list_head(); + while (find_gc) { + if (strequal (find_gc->forest_name, domain)) + break; + find_gc = find_gc->next; + } + + if (find_gc) { + DEBUG(10,("gc_add_forest: %s already in list\n", find_gc->forest_name)); + return NT_STATUS_OK; + } + + if ((gc = TALLOC_ZERO_P(NULL, struct gc_info)) == NULL) { + nt_status = NT_STATUS_NO_MEMORY; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Query the rootDSE for the forest root naming conect first. + Check that the a GC server for the forest has not already + been added */ + + nt_status = gc_find_forest_root(gc, domain); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + find_gc = gc_list_head(); + while (find_gc) { + if (strequal (find_gc->forest_name, gc->forest_name)) + break; + find_gc = find_gc->next; + } + + if (find_gc) { + DEBUG(10,("gc_add_forest: Forest %s already in list\n", + find_gc->forest_name)); + return NT_STATUS_OK; + } + + /* Not found, so add it here. Make sure we connect to + a DC in _this_ domain and not the forest root. */ + + dn = ads_build_dn(gc->forest_name); + BAIL_ON_PTR_ERROR(dn, nt_status); + + gc->search_base = talloc_strdup(gc, dn); + SAFE_FREE(dn); + BAIL_ON_PTR_ERROR(gc->search_base, nt_status); + +#if 0 + /* Can't use cell_connect_dn() here as there is no way to + specifiy the LWCELL_FLAG_GC_CELL flag setting for cell_connect() */ + + nt_status = cell_connect_dn(&gc->forest_cell, gc->search_base); + BAIL_ON_NTSTATUS_ERROR(nt_status); +#else + + gc->forest_cell = cell_new(); + BAIL_ON_PTR_ERROR(gc->forest_cell, nt_status); + + /* Set the DNS domain, dn, etc ... and add it to the list */ + + cell_set_dns_domain(gc->forest_cell, gc->forest_name); + cell_set_dn(gc->forest_cell, gc->search_base); + cell_set_flags(gc->forest_cell, LWCELL_FLAG_GC_CELL); +#endif + + /* It is possible to belong to a non-forest cell and a + non-provisioned forest (at our domain levele). In that + case, we should just inherit the flags from our primary + cell since the GC searches will match our own schema + model. */ + + if (strequal(primary_cell->forest_name, gc->forest_name) + || is_subdomain(primary_cell->dns_domain, gc->forest_name)) + { + cell_set_flags(gc->forest_cell, cell_flags(primary_cell)); + } else { + /* outside of our domain */ + + nt_status = cell_connect(gc->forest_cell); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = cell_lookup_settings(gc->forest_cell); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Drop the connection now that we have the settings */ + + ads = cell_connection(gc->forest_cell); + ads_destroy(&ads); + cell_set_connection(gc->forest_cell, NULL); + } + + DLIST_ADD_END(_gc_server_list, gc, struct gc_info*); + + DEBUG(10,("gc_add_forest: Added %s to Global Catalog list of servers\n", + gc->forest_name)); + + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_destroy(gc); + DEBUG(3,("LWI: Failed to add new GC connection for %s (%s)\n", + domain, nt_errstr(nt_status))); + } + + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static void gc_server_list_destroy(void) +{ + struct gc_info *gc = gc_list_head(); + + while (gc) { + struct gc_info *p = gc->next; + + cell_destroy(gc->forest_cell); + talloc_destroy(gc); + + gc = p; + } + + _gc_server_list = NULL; + + return; +} + +/********************************************************************** + Setup the initial list of forests and initial the forest cell + settings for each. FIXME!!! + *********************************************************************/ + + NTSTATUS gc_init_list(void) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct winbindd_tdc_domain *domains = NULL; + size_t num_domains = 0; + int i; + + if (_gc_server_list != NULL) { + gc_server_list_destroy(); + } + + if (!wcache_tdc_fetch_list(&domains, &num_domains)) { + nt_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Find our forest first. Have to try all domains here starting + with our own. gc_add_forest() filters duplicates */ + + nt_status = gc_add_forest(lp_realm()); + WARN_ON_NTSTATUS_ERROR(nt_status); + + for (i=0; i<num_domains; i++) { + uint32_t flags = (NETR_TRUST_FLAG_IN_FOREST); + + /* I think we should be able to break out of loop once + we add a GC for our forest and not have to test every one. + In fact, this entire loop is probably irrelevant since + the GC location code should always find a GC given lp_realm(). + Will have to spend time testing before making the change. + --jerry */ + + if ((domains[i].trust_flags & flags) == flags) { + nt_status = gc_add_forest(domains[i].dns_name); + WARN_ON_NTSTATUS_ERROR(nt_status); + /* Don't BAIL here since not every domain may + have a GC server */ + } + } + + /* Now add trusted forests. gc_add_forest() will filter out + duplicates. Check everything with an incoming trust path + that is not in our own forest. */ + + for (i=0; i<num_domains; i++) { + uint32_t flags = domains[i].trust_flags; + uint32_t attribs = domains[i].trust_attribs; + + /* Skip non_AD domains */ + + if (strlen(domains[i].dns_name) == 0) { + continue; + } + + /* Only add a GC for a forest outside of our own. + Ignore QUARANTINED/EXTERNAL trusts */ + + if ((flags & NETR_TRUST_FLAG_INBOUND) + && !(flags & NETR_TRUST_FLAG_IN_FOREST) + && (attribs & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)) + { + nt_status = gc_add_forest(domains[i].dns_name); + WARN_ON_NTSTATUS_ERROR(nt_status); + } + } + + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(2,("LWI: Failed to initialized GC list (%s)\n", + nt_errstr(nt_status))); + } + + TALLOC_FREE(domains); + + return nt_status; +} + + +/********************************************************************** + *********************************************************************/ + + struct gc_info *gc_search_start(void) +{ + NTSTATUS nt_status = NT_STATUS_OK; + struct gc_info *gc = gc_list_head(); + + if (!gc) { + nt_status = gc_init_list(); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + gc = gc_list_head(); + } + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(2,("LWI: Failed to initialize GC list (%s)\n", + nt_errstr(nt_status))); + } + + return gc; +} + +/********************************************************************** + Search Global Catalog. Always search our own forest. The flags set + controls whether or not we search cross forest. Assume that the + resulting set is always returned from one GC so that we don't have to + both combining the LDAPMessage * results + *********************************************************************/ + + NTSTATUS gc_search_forest(struct gc_info *gc, + LDAPMessage **msg, + const char *filter) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); + const char *attrs[] = {"*", NULL}; + LDAPMessage *m = NULL; + + if (!gc || !msg || !filter) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* When you have multiple domain trees in a forest, the + GC will search all naming contexts when you send it + and empty ("") base search suffix. Tested against + Windows 2003. */ + + ads_status = cell_do_search(gc->forest_cell, "", + LDAP_SCOPE_SUBTREE, filter, attrs, &m); + nt_status = ads_ntstatus(ads_status); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + *msg = m; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(2,("LWI: Forest wide search %s failed (%s)\n", + filter, nt_errstr(nt_status))); + } + + return nt_status; +} + +/********************************************************************** + Search all forests via GC and return the results in an array of + ADS_STRUCT/LDAPMessage pairs. + *********************************************************************/ + + NTSTATUS gc_search_all_forests(const char *filter, + ADS_STRUCT ***ads_list, + LDAPMessage ***msg_list, + int *num_resp, uint32_t flags) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct gc_info *gc = NULL; + uint32_t test_flags = ADEX_GC_SEARCH_CHECK_UNIQUE; + + *ads_list = NULL; + *msg_list = NULL; + *num_resp = 0; + + if ((gc = gc_search_start()) == NULL) { + nt_status = NT_STATUS_INVALID_DOMAIN_STATE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + while (gc) { + LDAPMessage *m = NULL; + + nt_status = gc_search_forest(gc, &m, filter); + if (!NT_STATUS_IS_OK(nt_status)) { + gc = gc->next; + continue; + } + + nt_status = add_ads_result_to_array(cell_connection(gc->forest_cell), + m, ads_list, msg_list, + num_resp); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* If there can only be one match, then we are done */ + + if ((*num_resp > 0) && ((flags & test_flags) == test_flags)) { + break; + } + + gc = gc->next; + } + + if (*num_resp == 0) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = NT_STATUS_OK; + +done: + return nt_status; +} + +/********************************************************************** + Search all forests via GC and return the results in an array of + ADS_STRUCT/LDAPMessage pairs. + *********************************************************************/ + + NTSTATUS gc_search_all_forests_unique(const char *filter, + ADS_STRUCT **ads, + LDAPMessage **msg) +{ + ADS_STRUCT **ads_list = NULL; + LDAPMessage **msg_list = NULL; + int num_resp; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + + nt_status = gc_search_all_forests(filter, &ads_list, + &msg_list, &num_resp, + ADEX_GC_SEARCH_CHECK_UNIQUE); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = check_result_unique(ads_list[0], msg_list[0]); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + *ads = ads_list[0]; + *msg = msg_list[0]; + +done: + /* Be care that we don't free the msg result being returned */ + + if (!NT_STATUS_IS_OK(nt_status)) { + free_result_array(ads_list, msg_list, num_resp); + } else { + talloc_destroy(ads_list); + talloc_destroy(msg_list); + } + + return nt_status; +} + +/********************************************************************* + ********************************************************************/ + + NTSTATUS gc_name_to_sid(const char *domain, + const char *name, + DOM_SID *sid, + enum lsa_SidType *sid_type) +{ + TALLOC_CTX *frame = talloc_stackframe(); + char *p, *name_user; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char *name_filter; + ADS_STRUCT *ads = NULL; + LDAPMessage *msg = NULL; + LDAPMessage *e = NULL; + char *dn = NULL; + char *dns_domain = NULL; + ADS_STRUCT **ads_list = NULL; + LDAPMessage **msg_list = NULL; + int num_resp = 0; + int i; + + /* Strip the "DOMAIN\" prefix if necessary and search for + a matching sAMAccountName in the forest */ + + if ((p = strchr_m( name, '\\' )) == NULL) + name_user = talloc_strdup( frame, name ); + else + name_user = talloc_strdup( frame, p+1 ); + BAIL_ON_PTR_ERROR(name_user, nt_status); + + name_filter = talloc_asprintf(frame, "(sAMAccountName=%s)", name_user); + BAIL_ON_PTR_ERROR(name_filter, nt_status); + + nt_status = gc_search_all_forests(name_filter, &ads_list, + &msg_list, &num_resp, 0); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Assume failure until we know otherwise*/ + + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + + /* Match the domain name from the DN */ + + for (i=0; i<num_resp; i++) { + ads = ads_list[i]; + msg = msg_list[i]; + + e = ads_first_entry(ads, msg); + while (e) { + struct winbindd_tdc_domain *domain_rec; + + dn = ads_get_dn(ads, e); + BAIL_ON_PTR_ERROR(dn, nt_status); + + dns_domain = cell_dn_to_dns(dn); + SAFE_FREE(dn); + BAIL_ON_PTR_ERROR(dns_domain, nt_status); + + domain_rec = wcache_tdc_fetch_domain(frame, dns_domain); + SAFE_FREE(dns_domain); + + /* Ignore failures and continue the search */ + + if (!domain_rec) { + e = ads_next_entry(ads, e); + continue; + } + + /* Check for a match on the domain name */ + + if (strequal(domain, domain_rec->domain_name)) { + if (!ads_pull_sid(ads, e, "objectSid", sid)) { + nt_status = NT_STATUS_INVALID_SID; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + talloc_destroy(domain_rec); + + nt_status = get_sid_type(ads, msg, sid_type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* We're done! */ + nt_status = NT_STATUS_OK; + break; + } + + /* once more around thew merry-go-round */ + + talloc_destroy(domain_rec); + e = ads_next_entry(ads, e); + } + } + +done: + free_result_array(ads_list, msg_list, num_resp); + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + Pull an attribute string value + *******************************************************************/ + +static NTSTATUS get_object_account_name(ADS_STRUCT *ads, + LDAPMessage *msg, + char **name) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char *sam_name = NULL; + struct winbindd_tdc_domain *domain_rec = NULL; + char *dns_domain = NULL; + char *dn = NULL; + TALLOC_CTX *frame = talloc_stackframe(); + int len; + + /* Check parameters */ + + if (!ads || !msg || !name) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* get the name and domain */ + + dn = ads_get_dn(ads, msg); + BAIL_ON_PTR_ERROR(dn, nt_status); + + DEBUG(10,("get_object_account_name: dn = \"%s\"\n", dn)); + + dns_domain = cell_dn_to_dns(dn); + SAFE_FREE(dn); + BAIL_ON_PTR_ERROR(dns_domain, nt_status); + + domain_rec = wcache_tdc_fetch_domain(frame, dns_domain); + SAFE_FREE(dns_domain); + + if (!domain_rec) { + nt_status = NT_STATUS_TRUSTED_DOMAIN_FAILURE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + sam_name = ads_pull_string(ads, frame, msg, "sAMAccountName"); + BAIL_ON_PTR_ERROR(sam_name, nt_status); + + len = asprintf(name, "%s\\%s", domain_rec->domain_name, sam_name); + if (len == -1) { + *name = NULL; + BAIL_ON_PTR_ERROR((*name), nt_status); + } + + nt_status = NT_STATUS_OK; + +done: + talloc_destroy(frame); + + return nt_status; +} + +/********************************************************************* + ********************************************************************/ + + NTSTATUS gc_sid_to_name(const DOM_SID *sid, + char **name, + enum lsa_SidType *sid_type) +{ + TALLOC_CTX *frame = talloc_stackframe(); + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char *filter; + ADS_STRUCT *ads = NULL; + LDAPMessage *msg = NULL; + char *sid_string; + + *name = NULL; + + sid_string = sid_binstring(sid); + BAIL_ON_PTR_ERROR(sid_string, nt_status); + + filter = talloc_asprintf(frame, "(objectSid=%s)", sid_string); + SAFE_FREE(sid_string); + BAIL_ON_PTR_ERROR(filter, nt_status); + + nt_status = gc_search_all_forests_unique(filter, &ads, &msg); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = get_object_account_name(ads, msg, name); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = get_sid_type(ads, msg, sid_type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + ads_msgfree(ads, msg); + talloc_destroy(frame); + + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + + NTSTATUS add_ads_result_to_array(ADS_STRUCT *ads, + LDAPMessage *msg, + ADS_STRUCT ***ads_list, + LDAPMessage ***msg_list, + int *size) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + ADS_STRUCT **ads_tmp = NULL; + LDAPMessage **msg_tmp = NULL; + int count = *size; + + if (!ads || !msg) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + +#if 0 + /* Don't add a response with no entries */ + + if (ads_count_replies(ads, msg) == 0) { + return NT_STATUS_OK; + } +#endif + + if (count == 0) { + ads_tmp = TALLOC_ARRAY(NULL, ADS_STRUCT*, 1); + BAIL_ON_PTR_ERROR(ads_tmp, nt_status); + + msg_tmp = TALLOC_ARRAY(NULL, LDAPMessage*, 1); + BAIL_ON_PTR_ERROR(msg_tmp, nt_status); + } else { + ads_tmp = TALLOC_REALLOC_ARRAY(*ads_list, *ads_list, ADS_STRUCT*, + count+1); + BAIL_ON_PTR_ERROR(ads_tmp, nt_status); + + msg_tmp = TALLOC_REALLOC_ARRAY(*msg_list, *msg_list, LDAPMessage*, + count+1); + BAIL_ON_PTR_ERROR(msg_tmp, nt_status); + } + + ads_tmp[count] = ads; + msg_tmp[count] = msg; + count++; + + *ads_list = ads_tmp; + *msg_list = msg_tmp; + *size = count; + + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_destroy(ads_tmp); + talloc_destroy(msg_tmp); + } + + return nt_status; +} + +/********************************************************************** + Frees search results. Do not free the ads_list as these are + references back to the GC search structures. + *********************************************************************/ + + void free_result_array(ADS_STRUCT **ads_list, + LDAPMessage **msg_list, + int num_resp) +{ + int i; + + for (i=0; i<num_resp; i++) { + ads_msgfree(ads_list[i], msg_list[i]); + } + + talloc_destroy(ads_list); + talloc_destroy(msg_list); +} + +/********************************************************************** + Check that we have exactly one entry from the search + *********************************************************************/ + + NTSTATUS check_result_unique(ADS_STRUCT *ads, LDAPMessage *msg) +{ + NTSTATUS nt_status; + int count; + + count = ads_count_replies(ads, msg); + + if (count <= 0) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + if (count > 1) { + nt_status = NT_STATUS_DUPLICATE_NAME; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = NT_STATUS_OK; + +done: + return nt_status; +} diff --git a/source3/winbindd/idmap_adex/idmap_adex.c b/source3/winbindd/idmap_adex/idmap_adex.c new file mode 100644 index 0000000000..7596b1cbd8 --- /dev/null +++ b/source3/winbindd/idmap_adex/idmap_adex.c @@ -0,0 +1,460 @@ +/* + * idmap_adex: Support for D Forests + * + * Copyright (C) Gerald (Jerry) Carter 2006-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "idmap_adex.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +#define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache" + +NTSTATUS init_module(void); + +/* + * IdMap backend + */ + +/******************************************************************** + Basic init function responsible for determining our current mode + (standalone or using Centeris Cells). This must return success or + it will be dropped from the idmap backend list. + *******************************************************************/ + +static NTSTATUS _idmap_adex_init(struct idmap_domain *dom, + const char *params) +{ + ADS_STRUCT *ads = NULL; + ADS_STATUS status; + static NTSTATUS init_status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND; + DOM_SID domain_sid; + fstring dcname; + struct sockaddr_storage ip; + struct likewise_cell *lwcell; + + if (NT_STATUS_IS_OK(init_status)) + return NT_STATUS_OK; + + /* Silently fail if we are not a member server in security = ads */ + + if ((lp_server_role() != ROLE_DOMAIN_MEMBER) || + (lp_security() != SEC_ADS)) { + init_status = NT_STATUS_INVALID_SERVER_STATE; + BAIL_ON_NTSTATUS_ERROR(init_status); + } + + /* fetch our domain SID first */ + + if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) { + init_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + BAIL_ON_NTSTATUS_ERROR(init_status); + } + + /* reuse the same ticket cache as winbindd */ + + setenv("KRB5CCNAME", WINBIND_CCACHE_NAME, 1); + + /* Establish a connection to a DC */ + + if ((ads = ads_init(lp_realm(), lp_workgroup(), NULL)) == NULL) { + init_status = NT_STATUS_NO_MEMORY; + BAIL_ON_NTSTATUS_ERROR(init_status); + } + + ads->auth.password = + secrets_fetch_machine_password(lp_workgroup(), NULL, NULL); + ads->auth.realm = SMB_STRDUP(lp_realm()); + + /* get the DC name here to setup the server affinity cache and + local krb5.conf */ + + get_dc_name(lp_workgroup(), lp_realm(), dcname, &ip); + + status = ads_connect(ads); + if (!ADS_ERR_OK(status)) { + DEBUG(0, ("_idmap_adex_init: ads_connect() failed! (%s)\n", + ads_errstr(status))); + } + init_status = ads_ntstatus(status); + BAIL_ON_NTSTATUS_ERROR(init_status); + + + /* Find out cell membership */ + + init_status = cell_locate_membership(ads); + if (!NT_STATUS_IS_OK(init_status)) { + DEBUG(0,("LWI: Fail to locate cell membership (%s).", + nt_errstr(init_status))); + goto done; + } + + /* Fill in the cell information */ + + lwcell = cell_list_head(); + + init_status = cell_lookup_settings(lwcell); + BAIL_ON_NTSTATUS_ERROR(init_status); + + /* Miscellaneous setup. E.g. set up the list of GC + servers and domain list for our forest (does not actually + connect). */ + + init_status = gc_init_list(); + BAIL_ON_NTSTATUS_ERROR(init_status); + + init_status = domain_init_list(); + BAIL_ON_NTSTATUS_ERROR(init_status); + +done: + if (!NT_STATUS_IS_OK(init_status)) { + DEBUG(1,("Likewise initialization failed (%s)\n", + nt_errstr(init_status))); + } + + /* cleanup */ + + if (!NT_STATUS_IS_OK(init_status)) { + cell_list_destroy(); + + /* init_status stores the failure reason but we need to + return success or else idmap_init() will drop us from the + backend list */ + return NT_STATUS_OK; + } + + init_status = NT_STATUS_OK; + + return init_status; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _idmap_adex_get_sid_from_id(struct + idmap_domain + *dom, struct + id_map + **ids) +{ + int i; + bool one_mapped = false; + bool all_mapped = true; + NTSTATUS nt_status; + struct likewise_cell *cell; + + nt_status = _idmap_adex_init(dom, NULL); + if (!NT_STATUS_IS_OK(nt_status)) + return nt_status; + + if ((cell = cell_list_head()) == NULL) { + return NT_STATUS_INVALID_SERVER_STATE; + } + + /* have to work through these one by one */ + for (i = 0; ids[i]; i++) { + NTSTATUS status; + status = cell->provider->get_sid_from_id(ids[i]->sid, + ids[i]->xid.id, + ids[i]->xid.type); + /* Fail if we cannot find any DC */ + if (NT_STATUS_EQUAL + (status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) { + return status; + } + + if (!NT_STATUS_IS_OK(status)) { + ids[i]->status = ID_UNMAPPED; + all_mapped = false; + continue; + } + + ids[i]->status = ID_MAPPED; + one_mapped = true; + } + + return NT_STATUS_OK; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _idmap_adex_get_id_from_sid(struct + idmap_domain + *dom, struct + id_map + **ids) +{ + int i; + bool one_mapped = false; + bool all_mapped = true; + NTSTATUS nt_status; + struct likewise_cell *cell; + + nt_status = _idmap_adex_init(dom, NULL); + if (!NT_STATUS_IS_OK(nt_status)) + return nt_status; + + if ((cell = cell_list_head()) == NULL) { + return NT_STATUS_INVALID_SERVER_STATE; + } + + /* have to work through these one by one */ + for (i = 0; ids[i]; i++) { + NTSTATUS status; + status = cell->provider->get_id_from_sid(&ids[i]->xid.id, + &ids[i]->xid. + type, ids[i]->sid); + /* Fail if we cannot find any DC */ + if (NT_STATUS_EQUAL + (status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) { + return status; + } + + if (!NT_STATUS_IS_OK(status)) { + ids[i]->status = ID_UNMAPPED; + all_mapped = false; + continue; + } + + ids[i]->status = ID_MAPPED; + one_mapped = true; + } + + return NT_STATUS_OK; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _idmap_adex_set_mapping(struct + idmap_domain + *dom, const struct + id_map *map) +{ + DEBUG(0, ("_idmap_adex_set_mapping: not implemented\n")); + return NT_STATUS_NOT_IMPLEMENTED; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _idmap_adex_remove_mapping(struct + idmap_domain + *dom, const + struct + id_map + *map) +{ + DEBUG(0, ("_idmap_adex_remove_mapping: not implemented\n")); + return NT_STATUS_NOT_IMPLEMENTED; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _idmap_adex_dump(struct idmap_domain + *dom, struct id_map **maps, int *num_map) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _idmap_adex_close(struct idmap_domain + *dom) +{ + /* FIXME! need to do cleanup here */ + + return NT_STATUS_OK; +} + +/* + * IdMap NSS plugin + */ + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _nss_adex_init(struct nss_domain_entry + *e) +{ + return _idmap_adex_init(NULL, NULL); +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _nss_adex_get_info(struct + nss_domain_entry *e, + const DOM_SID * sid, + TALLOC_CTX * ctx, + ADS_STRUCT * ads, + LDAPMessage * msg, + char **homedir, + char **shell, char **gecos, gid_t * p_gid) +{ + NTSTATUS nt_status; + struct likewise_cell *cell; + + nt_status = _idmap_adex_init(NULL, NULL); + if (!NT_STATUS_IS_OK(nt_status)) + return nt_status; + + if ((cell = cell_list_head()) == NULL) { + return NT_STATUS_INVALID_SERVER_STATE; + } + + return cell->provider->get_nss_info(sid, ctx, homedir, + shell, gecos, p_gid); +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _nss_adex_map_to_alias(TALLOC_CTX * mem_ctx, const char + *domain, const char + *name, char **alias) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct likewise_cell *cell = NULL; + + nt_status = _idmap_adex_init(NULL, NULL); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if ((cell = cell_list_head()) == NULL) { + nt_status = NT_STATUS_INVALID_SERVER_STATE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = cell->provider->map_to_alias(mem_ctx, domain, + name, alias); + + /* go ahead and allow the cache mgr to mark this in + negative cache */ + + if (!NT_STATUS_IS_OK(nt_status)) + nt_status = NT_STATUS_NONE_MAPPED; + +done: + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _nss_adex_map_from_alias(TALLOC_CTX * mem_ctx, const char + *domain, const char + *alias, char **name) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct likewise_cell *cell = NULL; + + nt_status = _idmap_adex_init(NULL, NULL); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if ((cell = cell_list_head()) == NULL) { + nt_status = NT_STATUS_INVALID_SERVER_STATE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + + nt_status = cell->provider->map_from_alias(mem_ctx, domain, + alias, name); + + /* go ahead and allow the cache mgr to mark this in + negative cache */ + + if (!NT_STATUS_IS_OK(nt_status)) + nt_status = NT_STATUS_NONE_MAPPED; + +done: + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _nss_adex_close(void) +{ + return NT_STATUS_NOT_IMPLEMENTED; +} + +/********************************************************************** + *********************************************************************/ + +static struct idmap_methods adex_idmap_methods = { + + .init = _idmap_adex_init, + .unixids_to_sids = _idmap_adex_get_sid_from_id, + .sids_to_unixids = _idmap_adex_get_id_from_sid, + .set_mapping = _idmap_adex_set_mapping, + .remove_mapping = _idmap_adex_remove_mapping, + .dump_data = _idmap_adex_dump, + .close_fn = _idmap_adex_close +}; +static struct nss_info_methods adex_nss_methods = { + .init = _nss_adex_init, + .get_nss_info = _nss_adex_get_info, + .map_to_alias = _nss_adex_map_to_alias, + .map_from_alias = _nss_adex_map_from_alias, + .close_fn = _nss_adex_close +}; + +/********************************************************************** + Register with the idmap and idmap_nss subsystems. We have to protect + against the idmap and nss_info interfaces being in a half-registered + state. + **********************************************************************/ +NTSTATUS idmap_adex_init(void) +{ + static NTSTATUS idmap_status = NT_STATUS_UNSUCCESSFUL; + static NTSTATUS nss_status = NT_STATUS_UNSUCCESSFUL; + if (!NT_STATUS_IS_OK(idmap_status)) { + idmap_status = + smb_register_idmap(SMB_IDMAP_INTERFACE_VERSION, + "adex", &adex_idmap_methods); + if (!NT_STATUS_IS_OK(idmap_status)) { + DEBUG(0, + ("idmap_centeris_init: Failed to register the adex" + "idmap plugin.\n")); + return idmap_status; + } + } + + if (!NT_STATUS_IS_OK(nss_status)) { + nss_status = + smb_register_idmap_nss(SMB_NSS_INFO_INTERFACE_VERSION, + "adex", &adex_nss_methods); + if (!NT_STATUS_IS_OK(nss_status)) { + DEBUG(0, + ("idmap_adex_init: Failed to register the adex" + "nss plugin.\n")); + return nss_status; + } + } + + return NT_STATUS_OK; +} + +static NTSTATUS nss_info_adex_init(void) +{ + return idmap_adex_init(); +} diff --git a/source3/winbindd/idmap_adex/idmap_adex.h b/source3/winbindd/idmap_adex/idmap_adex.h new file mode 100644 index 0000000000..e068d5c340 --- /dev/null +++ b/source3/winbindd/idmap_adex/idmap_adex.h @@ -0,0 +1,257 @@ +/* + * idmap_centeris: Support for Local IDs and Centeris Cell Structure + * + * Copyright (C) Gerald (Jerry) Carter 2006-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#ifndef _IDMAP_ADEX_H +#define _IDMAP_ADEX_H + +#include "winbindd/winbindd.h" + +#define ADEX_CELL_RDN "$LikewiseIdentityCell" + +#define ADEX_OC_USER "centerisLikewiseUser" +#define ADEX_OC_GROUP "centerisLikewiseGroup" + +#define AD_USER "User" +#define AD_GROUP "Group" + +#define ADEX_OC_POSIX_USER "posixAccount" +#define ADEX_OC_POSIX_GROUP "posixGroup" + +#define ADEX_ATTR_UIDNUM "uidNumber" +#define ADEX_ATTR_GIDNUM "gidNUmber" +#define ADEX_ATTR_HOMEDIR "unixHomeDirectory" +#define ADEX_ATTR_USERPW "unixUserPassword" +#define ADEX_ATTR_GROUPALIAS "groupAlias" /* Not part of RFC2307 */ +#define ADEX_ATTR_SHELL "loginShell" +#define ADEX_ATTR_GECOS "gecos" +#define ADEX_ATTR_UID "uid" +#define ADEX_ATTR_DISPLAYNAME "displayName" + +#define MIN_ID_VALUE 100 + +#define BAIL_ON_NTSTATUS_ERROR(x) \ + do { \ + if (!NT_STATUS_IS_OK(x)) { \ + DEBUG(10,("Failed! (%s)\n", nt_errstr(x))); \ + goto done; \ + } \ + } \ + while (0); \ + +#define WARN_ON_NTSTATUS_ERROR(x) \ + do { \ + if (!NT_STATUS_IS_OK(x)) { \ + DEBUG(10,("Failure ignored! (%s)\n", nt_errstr(x))); \ + } \ + } \ + while (0); \ + +#define BAIL_ON_ADS_ERROR(x) \ + do { \ + if (!ADS_ERR_OK(x)) { \ + goto done; \ + } \ + } \ + while (0); + +#define BAIL_ON_PTR_ERROR(p, x) \ + do { \ + if ((p) == NULL ) { \ + DEBUG(10,("NULL pointer!\n")); \ + x = NT_STATUS_NO_MEMORY; \ + goto done; \ + } \ + } while (0); + +#define PRINT_NTSTATUS_ERROR(x, hdr, level) \ + do { \ + if (!NT_STATUS_IS_OK(x)) { \ + DEBUG(level,("LWI ("hdr"): %s\n", nt_errstr(x))); \ + } \ + } while(0); +/* + * Cell Provider API + */ + +struct cell_provider_api { + NTSTATUS(*get_sid_from_id) (DOM_SID * sid, + uint32_t id, enum id_type type); + NTSTATUS(*get_id_from_sid) (uint32_t * id, + enum id_type * type, const DOM_SID * sid); + NTSTATUS(*get_nss_info) (const DOM_SID * sid, + TALLOC_CTX * ctx, + char **homedir, + char **shell, char **gecos, gid_t * p_gid); + NTSTATUS(*map_to_alias) (TALLOC_CTX * mem_ctx, + const char *domain, + const char *name, char **alias); + NTSTATUS(*map_from_alias) (TALLOC_CTX * mem_ctx, + const char *domain, + const char *alias, char **name); +}; + +/* registered providers */ + +extern struct cell_provider_api ccp_unified; +extern struct cell_provider_api ccp_local; + +#define LWCELL_FLAG_USE_RFC2307_ATTRS 0x00000001 +#define LWCELL_FLAG_SEARCH_FOREST 0x00000002 +#define LWCELL_FLAG_GC_CELL 0x00000004 +#define LWCELL_FLAG_LOCAL_MODE 0x00000008 + +struct likewise_cell { + struct likewise_cell *prev, *next; + ADS_STRUCT *conn; + struct likewise_cell *gc_search_cell; + DOM_SID domain_sid; + char *dns_domain; + char *forest_name; + char *dn; + struct GUID *links; /* only held by owning cell */ + size_t num_links; + uint32_t flags; + struct cell_provider_api *provider; +}; + +/* Search flags used for Global Catalog API */ + +#define ADEX_GC_SEARCH_CHECK_UNIQUE 0x00000001 + +struct gc_info { + struct gc_info *prev, *next; + char *forest_name; + char *search_base; + struct likewise_cell *forest_cell; +}; + +/* Available functions outside of idmap_lwidentity.c */ + +/* cell_util.c */ + +char *find_attr_string(char **list, size_t num_lines, const char *substr); +bool is_object_class(char **list, size_t num_lines, const char *substr); +int min_id_value(void); +char *cell_dn_to_dns(const char *dn); +NTSTATUS get_sid_type(ADS_STRUCT *ads, + LDAPMessage *msg, + enum lsa_SidType *type); + +NTSTATUS cell_locate_membership(ADS_STRUCT * ads); +NTSTATUS cell_lookup_settings(struct likewise_cell * cell); +NTSTATUS cell_follow_links(struct likewise_cell *cell); +NTSTATUS cell_set_local_provider(void); + +/* likewise_cell.c */ + +struct likewise_cell *cell_new(void); +struct likewise_cell *cell_list_head(void); + +bool cell_list_add(struct likewise_cell *cell); +bool cell_list_remove(struct likewise_cell * cell); + +void cell_list_destroy(void); +void cell_destroy(struct likewise_cell *c); +void cell_set_forest_searches(struct likewise_cell *c, + bool search); +void cell_set_dns_domain(struct likewise_cell *c, + const char *dns_domain); +void cell_set_connection(struct likewise_cell *c, + ADS_STRUCT *ads); +void cell_set_dn(struct likewise_cell *c, + const char *dn); +void cell_set_domain_sid(struct likewise_cell *c, + DOM_SID *sid); +void cell_set_flags(struct likewise_cell *c, uint32_t flags); +void cell_clear_flags(struct likewise_cell *c, uint32_t flags); + +const char* cell_search_base(struct likewise_cell *c); +const char *cell_dns_domain(struct likewise_cell *c); +ADS_STRUCT *cell_connection(struct likewise_cell *c); +bool cell_search_forest(struct likewise_cell *c); +ADS_STATUS cell_do_search(struct likewise_cell *c, + const char *search_base, + int scope, + const char *expr, + const char **attrs, + LDAPMessage ** msg); +uint32_t cell_flags(struct likewise_cell *c); + +NTSTATUS cell_connect_dn(struct likewise_cell **c, + const char *dn); +NTSTATUS cell_connect(struct likewise_cell *c); + + +/* gc_util.c */ + +NTSTATUS gc_init_list(void); + +NTSTATUS gc_find_forest_root(struct gc_info *gc, + const char *domain); + +struct gc_info *gc_search_start(void); + +NTSTATUS gc_search_forest(struct gc_info *gc, + LDAPMessage **msg, + const char *filter); + +NTSTATUS gc_search_all_forests(const char *filter, + ADS_STRUCT ***ads_list, + LDAPMessage ***msg_list, + int *num_resp, uint32_t flags); + +NTSTATUS gc_search_all_forests_unique(const char *filter, + ADS_STRUCT **ads, + LDAPMessage **msg); + +NTSTATUS gc_name_to_sid(const char *domain, + const char *name, + DOM_SID *sid, + enum lsa_SidType *sid_type); + +NTSTATUS gc_sid_to_name(const DOM_SID *sid, + char **name, + enum lsa_SidType *sid_type); + +NTSTATUS add_ads_result_to_array(ADS_STRUCT *ads, + LDAPMessage *msg, + ADS_STRUCT ***ads_list, + LDAPMessage ***msg_list, + int *size); + +void free_result_array(ADS_STRUCT **ads_list, + LDAPMessage **msg_list, + int num_resp); + +NTSTATUS check_result_unique(ADS_STRUCT *ads, + LDAPMessage *msg); + + +/* domain_util.c */ + +NTSTATUS domain_init_list(void); + +NTSTATUS dc_search_domains(struct likewise_cell **cell, + LDAPMessage **msg, + const char *dn, + const DOM_SID *user_sid); + + +#endif /* _IDMAP_ADEX_H */ diff --git a/source3/winbindd/idmap_adex/likewise_cell.c b/source3/winbindd/idmap_adex/likewise_cell.c new file mode 100644 index 0000000000..7723b3e015 --- /dev/null +++ b/source3/winbindd/idmap_adex/likewise_cell.c @@ -0,0 +1,443 @@ +/* + * idmap_adex: Support for AD Forests + * + * Copyright (C) Gerald (Jerry) Carter 2006-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "idmap_adex.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +static struct likewise_cell *_lw_cell_list = NULL; + +/********************************************************************** + Return the current HEAD of the list + *********************************************************************/ + + struct likewise_cell *cell_list_head(void) +{ + return _lw_cell_list; +} + + +/********************************************************************** + *********************************************************************/ + + void cell_destroy(struct likewise_cell *c) +{ + if (!c) + return; + + if (c->conn) + ads_destroy(&c->conn); + + talloc_destroy(c); +} + +/********************************************************************** + Free all cell entries and reset the list head to NULL + *********************************************************************/ + + void cell_list_destroy(void) +{ + struct likewise_cell *p = _lw_cell_list; + + while (p) { + struct likewise_cell *q = p->next; + + cell_destroy(p); + + p = q; + } + + _lw_cell_list = NULL; + + return; +} + +/********************************************************************** + Add a new cell structure to the list + *********************************************************************/ + + struct likewise_cell* cell_new(void) +{ + struct likewise_cell *c; + + /* Each cell struct is a TALLOC_CTX* */ + + c = TALLOC_ZERO_P(NULL, struct likewise_cell); + if (!c) { + DEBUG(0,("cell_new: memory allocation failure!\n")); + return NULL; + } + + return c; +} + +/********************************************************************** + Add a new cell structure to the list + *********************************************************************/ + + bool cell_list_add(struct likewise_cell * cell) +{ + if (!cell) { + return false; + } + + /* Always add to the end */ + + DLIST_ADD_END(_lw_cell_list, cell, struct likewise_cell *); + + return true; +} + +/********************************************************************** + Add a new cell structure to the list + *********************************************************************/ + + bool cell_list_remove(struct likewise_cell * cell) +{ + if (!cell) { + return false; + } + + /* Remove and drop the cell structure */ + + DLIST_REMOVE(_lw_cell_list, cell); + talloc_destroy(cell); + + return true; +} + +/********************************************************************** + Set the containing DNS domain for a cell + *********************************************************************/ + + void cell_set_dns_domain(struct likewise_cell *c, const char *dns_domain) +{ + c->dns_domain = talloc_strdup(c, dns_domain); +} + +/********************************************************************** + Set ADS connection for a cell + *********************************************************************/ + + void cell_set_connection(struct likewise_cell *c, ADS_STRUCT *ads) +{ + c->conn = ads; +} + +/********************************************************************** + *********************************************************************/ + + void cell_set_flags(struct likewise_cell *c, uint32_t flags) +{ + c->flags |= flags; +} + +/********************************************************************** + *********************************************************************/ + + void cell_clear_flags(struct likewise_cell *c, uint32_t flags) +{ + c->flags &= ~flags; +} + +/********************************************************************** + Set the Cell's DN + *********************************************************************/ + + void cell_set_dn(struct likewise_cell *c, const char *dn) +{ + if ( c->dn) { + talloc_free(c->dn); + c->dn = NULL; + } + + c->dn = talloc_strdup(c, dn); +} + +/********************************************************************** + *********************************************************************/ + + void cell_set_domain_sid(struct likewise_cell *c, DOM_SID *sid) +{ + sid_copy(&c->domain_sid, sid); +} + +/* + * Query Routines + */ + +/********************************************************************** + *********************************************************************/ + + const char* cell_search_base(struct likewise_cell *c) +{ + if (!c) + return NULL; + + return talloc_asprintf(c, "cn=%s,%s", ADEX_CELL_RDN, c->dn); +} + +/********************************************************************** + *********************************************************************/ + + bool cell_search_forest(struct likewise_cell *c) +{ + uint32_t test_flags = LWCELL_FLAG_SEARCH_FOREST; + + return ((c->flags & test_flags) == test_flags); +} + +/********************************************************************** + *********************************************************************/ + + uint32_t cell_flags(struct likewise_cell *c) +{ + if (!c) + return 0; + + return c->flags; +} + +/********************************************************************** + *********************************************************************/ + + const char *cell_dns_domain(struct likewise_cell *c) +{ + if (!c) + return NULL; + + return c->dns_domain; +} + +/********************************************************************** + *********************************************************************/ + + ADS_STRUCT *cell_connection(struct likewise_cell *c) +{ + if (!c) + return NULL; + + return c->conn; +} + +/* + * Connection functions + */ + +/******************************************************************** + *******************************************************************/ + + NTSTATUS cell_connect(struct likewise_cell *c) +{ + ADS_STRUCT *ads = NULL; + ADS_STATUS ads_status; + fstring dc_name; + struct sockaddr_storage dcip; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + + /* have to at least have the AD domain name */ + + if (!c->dns_domain) { + nt_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* clear out any old information */ + + if (c->conn) { + ads_destroy(&c->conn); + c->conn = NULL; + } + + /* now setup the new connection */ + + ads = ads_init(c->dns_domain, NULL, NULL); + BAIL_ON_PTR_ERROR(ads, nt_status); + + ads->auth.password = + secrets_fetch_machine_password(lp_workgroup(), NULL, NULL); + ads->auth.realm = SMB_STRDUP(lp_realm()); + + /* Make the connection. We should already have an initial + TGT using the machine creds */ + + if (cell_flags(c) & LWCELL_FLAG_GC_CELL) { + ads_status = ads_connect_gc(ads); + } else { + /* Set up server affinity for normal cells and the client + site name cache */ + + if (!get_dc_name("", c->dns_domain, dc_name, &dcip)) { + nt_status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + ads_status = ads_connect(ads); + } + + + c->conn = ads; + + nt_status = ads_ntstatus(ads_status); + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + ads_destroy(&ads); + c->conn = NULL; + } + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + + NTSTATUS cell_connect_dn(struct likewise_cell **c, const char *dn) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct likewise_cell *new_cell = NULL; + char *dns_domain = NULL; + + if (*c || !dn) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + if ((new_cell = cell_new()) == NULL) { + nt_status = NT_STATUS_NO_MEMORY; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Set the DNS domain, dn, etc ... and add it to the list */ + + dns_domain = cell_dn_to_dns(dn); + cell_set_dns_domain(new_cell, dns_domain); + SAFE_FREE(dns_domain); + + cell_set_dn(new_cell, dn); + + nt_status = cell_connect(new_cell); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + *c = new_cell; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(1,("LWI: Failled to connect to cell \"%s\" (%s)\n", + dn ? dn : "NULL", nt_errstr(nt_status))); + talloc_destroy(new_cell); + } + + return nt_status; +} + + +/******************************************************************** + *******************************************************************/ + +#define MAX_SEARCH_COUNT 2 + + ADS_STATUS cell_do_search(struct likewise_cell *c, + const char *search_base, + int scope, + const char *expr, + const char **attrs, + LDAPMessage ** msg) +{ + int search_count = 0; + ADS_STATUS status; + NTSTATUS nt_status; + + /* check for a NULL connection */ + + if (!c->conn) { + nt_status = cell_connect(c); + if (!NT_STATUS_IS_OK(nt_status)) { + status = ADS_ERROR_NT(nt_status); + return status; + } + } + + DEBUG(10, ("cell_do_search: Base = %s, Filter = %s, Scope = %d, GC = %s\n", + search_base, expr, scope, + c->conn->server.gc ? "yes" : "no")); + + /* we try multiple times in case the ADS_STRUCT is bad + and we need to reconnect */ + + while (search_count < MAX_SEARCH_COUNT) { + *msg = NULL; + status = ads_do_search(c->conn, search_base, + scope, expr, attrs, msg); + if (ADS_ERR_OK(status)) { + if (DEBUGLEVEL >= 10) { + LDAPMessage *e = NULL; + + int n = ads_count_replies(c->conn, *msg); + + DEBUG(10,("cell_do_search: Located %d entries\n", n)); + + for (e=ads_first_entry(c->conn, *msg); + e!=NULL; + e = ads_next_entry(c->conn, e)) + { + char *dn = ads_get_dn(c->conn, e); + + DEBUGADD(10,(" dn: %s\n", dn ? dn : "<NULL>")); + SAFE_FREE(dn); + } + } + + return status; + } + + + DEBUG(5, ("cell_do_search: search[%d] failed (%s)\n", + search_count, ads_errstr(status))); + + search_count++; + + /* Houston, we have a problem */ + + if (status.error_type == ENUM_ADS_ERROR_LDAP) { + switch (status.err.rc) { + case LDAP_TIMELIMIT_EXCEEDED: + case LDAP_TIMEOUT: + case -1: /* we get this error if we cannot contact + the LDAP server */ + nt_status = cell_connect(c); + if (!NT_STATUS_IS_OK(nt_status)) { + status = ADS_ERROR_NT(nt_status); + return status; + } + break; + default: + /* we're all done here */ + return status; + } + } + } + + DEBUG(5, ("cell_do_search: exceeded maximum search count!\n")); + + return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); +} diff --git a/source3/winbindd/idmap_adex/provider_unified.c b/source3/winbindd/idmap_adex/provider_unified.c new file mode 100644 index 0000000000..f18534797e --- /dev/null +++ b/source3/winbindd/idmap_adex/provider_unified.c @@ -0,0 +1,1180 @@ +/* + * idmap_adex + * + * Provider for RFC2307 and SFU AD Forests + * + * Copyright (C) Gerald (Jerry) Carter 2006-2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "idmap_adex.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +/* Information needed by the LDAP search filters */ + +enum filterType { SidFilter, IdFilter, AliasFilter }; + +struct lwcell_filter +{ + enum filterType ftype; + bool use2307; + union { + DOM_SID sid; + struct { + uint32_t id; + enum id_type type; + } id; + fstring alias; + } filter; +}; + +/******************************************************************** + *******************************************************************/ + +static char* build_id_filter(uint32_t id, + enum id_type type, + uint32_t search_flags) +{ + char *filter = NULL; + char *oc_filter, *attr_filter; + NTSTATUS nt_status; + TALLOC_CTX *frame = talloc_stackframe(); + bool use2307 = ((search_flags & LWCELL_FLAG_USE_RFC2307_ATTRS) + == LWCELL_FLAG_USE_RFC2307_ATTRS); + bool use_gc = ((search_flags & LWCELL_FLAG_SEARCH_FOREST) + == LWCELL_FLAG_SEARCH_FOREST); + const char *oc; + + /* Construct search filter for objectclass and attributes */ + + switch (type) { + case ID_TYPE_UID: + oc = ADEX_OC_USER; + if (use2307) { + oc = ADEX_OC_POSIX_USER; + if (use_gc) { + oc = AD_USER; + } + } + oc_filter = talloc_asprintf(frame, "objectclass=%s", oc); + attr_filter = talloc_asprintf(frame, "%s=%u", + ADEX_ATTR_UIDNUM, id); + break; + + case ID_TYPE_GID: + oc = ADEX_OC_GROUP; + if (use2307) { + oc = ADEX_OC_POSIX_GROUP; + if (use_gc) { + oc = AD_GROUP; + } + } + oc_filter = talloc_asprintf(frame, "objectclass=%s", oc); + attr_filter = talloc_asprintf(frame, "%s=%u", + ADEX_ATTR_GIDNUM, id); + break; + default: + return NULL; + } + + BAIL_ON_PTR_ERROR(oc_filter, nt_status); + BAIL_ON_PTR_ERROR(attr_filter, nt_status); + + /* Use "keywords=%s" for non-schema cells */ + + if (use2307) { + filter = talloc_asprintf(frame, "(&(%s)(%s))", + oc_filter, attr_filter); + } else { + filter = talloc_asprintf(frame, "(&(keywords=%s)(keywords=%s))", + oc_filter, attr_filter); + } + + talloc_destroy(oc_filter); + talloc_destroy(attr_filter); + +done: + /* Don't destroy the stackframe CTX since we are returning + memory from it */ + + return filter; +} + +/******************************************************************** + *******************************************************************/ + +static char* build_alias_filter(const char *alias, uint32_t search_flags) +{ + char *filter = NULL; + char *user_attr_filter, *group_attr_filter; + NTSTATUS nt_status; + TALLOC_CTX *frame = talloc_stackframe(); + bool use2307 = ((search_flags & LWCELL_FLAG_USE_RFC2307_ATTRS) + == LWCELL_FLAG_USE_RFC2307_ATTRS); + bool search_forest = ((search_flags & LWCELL_FLAG_SEARCH_FOREST) + == LWCELL_FLAG_SEARCH_FOREST); + + /* Construct search filter for objectclass and attributes */ + + user_attr_filter = talloc_asprintf(frame, "%s=%s", + ADEX_ATTR_UID, alias); + group_attr_filter = talloc_asprintf(frame, "%s=%s", + ADEX_ATTR_DISPLAYNAME, alias); + BAIL_ON_PTR_ERROR(user_attr_filter, nt_status); + BAIL_ON_PTR_ERROR(group_attr_filter, nt_status); + + /* Use "keywords=%s" for non-schema cells */ + + if (use2307) { + filter = talloc_asprintf(frame, + "(|(&(%s)(objectclass=%s))(&(%s)(objectclass=%s)))", + user_attr_filter, + search_forest ? AD_USER : ADEX_OC_POSIX_USER, + group_attr_filter, + search_forest ? AD_GROUP : ADEX_OC_POSIX_GROUP); + } else { + filter = talloc_asprintf(frame, + "(|(keywords=%s)(keywords=%s))", + user_attr_filter, + group_attr_filter); + } + + talloc_destroy(user_attr_filter); + talloc_destroy(group_attr_filter); + +done: + /* Don't destroy the stackframe CTX since we are returning + memory from it */ + + return filter; +} + + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS search_cell(struct likewise_cell *c, + LDAPMessage **msg, + const struct lwcell_filter *fdata) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX* frame = talloc_stackframe(); + char *filter = NULL; + const char *base = NULL; + ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); + const char *attrs[] = { "*", NULL }; + int count; + char *sid_str; + + /* get the filter and other search parameters */ + + switch (fdata->ftype) { + case SidFilter: + sid_str = sid_string_talloc(frame, &fdata->filter.sid); + BAIL_ON_PTR_ERROR(sid_str, nt_status); + + filter = talloc_asprintf(frame, "(keywords=backLink=%s)", + sid_str); + break; + case IdFilter: + filter = build_id_filter(fdata->filter.id.id, + fdata->filter.id.type, + cell_flags(c)); + break; + case AliasFilter: + filter = build_alias_filter(fdata->filter.alias, + cell_flags(c)); + break; + default: + nt_status = NT_STATUS_INVALID_PARAMETER; + break; + } + BAIL_ON_PTR_ERROR(filter, nt_status); + + base = cell_search_base(c); + BAIL_ON_PTR_ERROR(base, nt_status); + + ads_status = cell_do_search(c, base, LDAP_SCOPE_SUBTREE, + filter, attrs, msg); + + nt_status = ads_ntstatus(ads_status); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Now check that we got only one reply */ + + count = ads_count_replies(c->conn, *msg); + if (count < 1) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + if ( count > 1) { + nt_status = NT_STATUS_DUPLICATE_NAME; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + +done: + PRINT_NTSTATUS_ERROR(nt_status, "search_cell", 4); + + talloc_destroy(CONST_DISCARD(char*, base)); + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS search_domain(struct likewise_cell **cell, + LDAPMessage **msg, + const char *dn, + const DOM_SID *sid) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX* frame = talloc_stackframe(); + int count; + + nt_status = dc_search_domains(cell, msg, dn, sid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Now check that we got only one reply */ + + count = ads_count_replies(cell_connection(*cell), *msg); + if (count < 1) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + if ( count > 1) { + nt_status = NT_STATUS_DUPLICATE_NAME; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + +done: + PRINT_NTSTATUS_ERROR(nt_status, "search_domain", 4); + talloc_destroy(frame); + + return nt_status; +} + + +/******************************************************************** + Check that a DN is within the forest scope. + *******************************************************************/ + +static bool check_forest_scope(const char *dn) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX *frame = talloc_stackframe(); + char *p = NULL; + char *q = NULL; + char *dns_domain = NULL; + struct winbindd_tdc_domain *domain; + + /* If the DN does *not* contain "$LikewiseIdentityCell", + assume this is a schema mode forest and it is in the + forest scope by definition. */ + + if ((p = strstr_m(dn, ADEX_CELL_RDN)) == NULL) { + nt_status = NT_STATUS_OK; + goto done; + } + + /* If this is a non-schema forest, then make sure that the DN + is in the form "...,cn=$LikewiseIdentityCell,DC=..." */ + + if ((q = strchr_m(p, ',')) == NULL) { + nt_status = NT_STATUS_OBJECT_NAME_INVALID; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + q++; + if (StrnCaseCmp(q, "dc=", 3) != 0) { + nt_status = NT_STATUS_OBJECT_PATH_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + + dns_domain = cell_dn_to_dns(q); + BAIL_ON_PTR_ERROR(dns_domain, nt_status); + + domain = wcache_tdc_fetch_domain(frame, dns_domain); + if (!domain) { + nt_status = NT_STATUS_TRUSTED_DOMAIN_FAILURE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = NT_STATUS_OK; + +done: + talloc_destroy(frame); + SAFE_FREE(dns_domain); + + return NT_STATUS_IS_OK(nt_status); +} + + + +/******************************************************************** + Check that only one result was returned within the forest cell + scope. + *******************************************************************/ + +static NTSTATUS check_result_unique_scoped(ADS_STRUCT **ads_list, + LDAPMessage **msg_list, + int num_resp, + char **dn, + DOM_SID *user_sid) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + int i; + ADS_STRUCT *ads = NULL; + LDAPMessage *msg = NULL; + int count = 0; + char *entry_dn = NULL; + TALLOC_CTX *frame = talloc_stackframe(); + + if (!dn || !user_sid) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + *dn = NULL; + + if (!ads_list || !msg_list || (num_resp == 0)) { + nt_status = NT_STATUS_NO_SUCH_FILE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Loop over all msgs */ + + for (i=0; i<num_resp; i++) { + LDAPMessage *e = ads_first_entry(ads_list[i], msg_list[i]); + + while (e) { + entry_dn = ads_get_dn(ads_list[i], e); + BAIL_ON_PTR_ERROR(entry_dn, nt_status); + + if (check_forest_scope(entry_dn)) { + count++; + + /* If we've already broken the condition, no + need to continue */ + + if (count > 1) { + nt_status = NT_STATUS_DUPLICATE_NAME; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + ads = ads_list[i]; + msg = e; + *dn = SMB_STRDUP(entry_dn); + BAIL_ON_PTR_ERROR((*dn), nt_status); + } + + e = ads_next_entry(ads_list[i], e); + SAFE_FREE(entry_dn); + } + } + + if (!ads || !msg) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* If we made is through the loop, then grab the user_sid and + run home to base */ + + /* + Try and get the SID from either objectSid or keywords. + We cannot use pull_sid() here since we want to try + both methods and not only one or the other (and we + have no full likewise_cell struct. + + Fail if both are unavailable + */ + + if (!ads_pull_sid(ads, msg, "objectSid", user_sid)) { + char **keywords; + char *s; + size_t num_lines = 0; + + keywords = ads_pull_strings(ads, frame, msg, "keywords", + &num_lines); + BAIL_ON_PTR_ERROR(keywords, nt_status); + + s = find_attr_string(keywords, num_lines, "backLink"); + if (!s) { + nt_status = NT_STATUS_INTERNAL_DB_CORRUPTION; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + if (!string_to_sid(user_sid, s)) { + nt_status = NT_STATUS_INVALID_SID; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + } + + nt_status = NT_STATUS_OK; + +done: + if (!NT_STATUS_IS_OK(nt_status)) { + SAFE_FREE(*dn); + } + + talloc_destroy(frame); + SAFE_FREE(entry_dn); + + return nt_status; +} + +/******************************************************************** + Search all forests. Each forest can have it's own forest-cell + settings so we have to generate the filter for each search. + We don't use gc_search_all_forests() since we may have a different + schema model in each forest and need to construct the search + filter for each GC search. + *******************************************************************/ + +static NTSTATUS search_forest(struct likewise_cell *forest_cell, + LDAPMessage **msg, + const struct lwcell_filter *fdata) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX *frame = talloc_stackframe(); + char *filter = NULL; + char *dn = NULL; + struct gc_info *gc = NULL; + ADS_STRUCT **ads_list = NULL; + LDAPMessage **msg_list = NULL; + int num_resp = 0; + LDAPMessage *m; + DOM_SID user_sid; + struct likewise_cell *domain_cell = NULL; + + if ((gc = gc_search_start()) == NULL) { + nt_status = NT_STATUS_INVALID_DOMAIN_STATE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + while (gc) { + char *sid_binstr = NULL; + uint32_t flags = LWCELL_FLAG_SEARCH_FOREST; + + m = NULL; + + flags |= cell_flags(gc->forest_cell); + + switch (fdata->ftype) { + case SidFilter: + sid_binstr = sid_binstring(&fdata->filter.sid); + BAIL_ON_PTR_ERROR(sid_binstr, nt_status); + + filter = talloc_asprintf(frame, "(objectSid=%s)", sid_binstr); + SAFE_FREE(sid_binstr); + break; + case IdFilter: + filter = build_id_filter(fdata->filter.id.id, + fdata->filter.id.type, flags); + break; + case AliasFilter: + filter = build_alias_filter(fdata->filter.alias, flags); + break; + } + + /* First find the sparse object in GC */ + nt_status = gc_search_forest(gc, &m, filter); + if (!NT_STATUS_IS_OK(nt_status)) { + gc = gc->next; + continue; + } + + nt_status = add_ads_result_to_array(cell_connection(gc->forest_cell), + m, &ads_list, &msg_list, + &num_resp); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + gc = gc->next; + } + + /* Uniqueness check across forests */ + + nt_status = check_result_unique_scoped(ads_list, msg_list, num_resp, + &dn, &user_sid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = search_domain(&domain_cell, &m, dn, &user_sid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Save the connection and results in the return parameters */ + + forest_cell->gc_search_cell = domain_cell; + *msg = m; + +done: + PRINT_NTSTATUS_ERROR(nt_status, "search_forest", 4); + + SAFE_FREE(dn); + + free_result_array(ads_list, msg_list, num_resp); + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS search_cell_list(struct likewise_cell **c, + LDAPMessage **m, + const struct lwcell_filter *fdata) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + struct likewise_cell *cell = NULL; + LDAPMessage *msg = NULL; + struct likewise_cell *result_cell = NULL; + + if ((cell = cell_list_head()) == NULL) { + nt_status = NT_STATUS_INVALID_SERVER_STATE; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + while (cell) { + /* Clear any previous GC search results */ + + cell->gc_search_cell = NULL; + + if (cell_search_forest(cell)) { + nt_status = search_forest(cell, &msg, fdata); + } else { + nt_status = search_cell(cell, &msg, fdata); + } + + /* Always point to the search result cell. + In forests this might be for another domain + which means the schema model may be different */ + + result_cell = cell->gc_search_cell ? + cell->gc_search_cell : cell; + + /* Check if we are done */ + + if (NT_STATUS_IS_OK(nt_status)) { + break; + } + + /* No luck. Free memory and hit the next cell. + Forest searches always set the gc_search_cell + so give preference to that connection if possible. */ + + ads_msgfree(cell_connection(result_cell), msg); + msg = NULL; + + cell = cell->next; + } + + /* This might be assigning NULL but that is ok as long as we + give back the proper error code */ + + *c = result_cell; + *m = msg; + +done: + PRINT_NTSTATUS_ERROR(nt_status, "search_cell_list", 3); + + return nt_status; +} + +/******************************************************************** + Pull the SID from an object which is always stored in the keywords + attribute as "backLink=S-1-5-21-..." + *******************************************************************/ + +static NTSTATUS pull_sid(struct likewise_cell *c, + LDAPMessage *msg, + DOM_SID *sid) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX *frame = talloc_stackframe(); + ADS_STRUCT *ads = NULL; + + ads = cell_connection(c); + + /* + We have two ways of getting the sid: + (a) from the objectSID in case of a GC search, + (b) from backLink in the case of a cell search. + Pull the keywords attributes and grab the backLink. + */ + + if (!ads_pull_sid(ads, msg, "objectSid", sid)) { + char **keywords; + char *s; + size_t num_lines = 0; + + keywords = ads_pull_strings(ads, frame, msg, + "keywords", &num_lines); + BAIL_ON_PTR_ERROR(keywords, nt_status); + + s = find_attr_string(keywords, num_lines, "backLink"); + if (!s) { + nt_status = NT_STATUS_INTERNAL_DB_CORRUPTION; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + if (!string_to_sid(sid, s)) { + nt_status = NT_STATUS_INVALID_SID; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + } + + nt_status = NT_STATUS_OK; + +done: + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS get_object_type(struct likewise_cell *c, + LDAPMessage *msg, + enum id_type *type) +{ + TALLOC_CTX *ctx = talloc_stackframe(); + char **oc_list = NULL; + NTSTATUS nt_status = NT_STATUS_OK; + size_t list_size = 0; + char *s = NULL; + ADS_STRUCT *ads = NULL; + + ads = cell_connection(c); + + /* Deal with RFC 2307 support first */ + + if (cell_flags(c) & LWCELL_FLAG_USE_RFC2307_ATTRS) { + oc_list = ads_pull_strings(ads, ctx, msg, + "objectClass", &list_size); + if (!oc_list) { + nt_status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto done; + } + + /* Check for posix classes and AD classes */ + + if (is_object_class(oc_list, list_size, ADEX_OC_POSIX_USER) + || is_object_class(oc_list, list_size, AD_USER)) { + *type = ID_TYPE_UID; + } else if (is_object_class(oc_list, list_size, ADEX_OC_POSIX_GROUP) + || is_object_class(oc_list, list_size, AD_GROUP)) { + *type = ID_TYPE_GID; + } else { + *type = ID_TYPE_NOT_SPECIFIED; + nt_status = NT_STATUS_INVALID_PARAMETER; + } + } else { + /* Default to non-schema mode */ + + oc_list = ads_pull_strings(ads, ctx, msg, + "keywords", &list_size); + if (!oc_list) { + nt_status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto done; + } + + s = find_attr_string(oc_list, list_size, "objectClass"); + if (!s) { + nt_status = NT_STATUS_INTERNAL_DB_CORRUPTION; + goto done; + } + + if (strequal(s, ADEX_OC_USER)) { + *type = ID_TYPE_UID; + } else if (strequal(s, ADEX_OC_GROUP)) { + *type = ID_TYPE_GID; + } else { + *type = ID_TYPE_NOT_SPECIFIED; + nt_status = NT_STATUS_INVALID_PARAMETER; + } + } + + nt_status = NT_STATUS_OK; + +done: + talloc_destroy(ctx); + + return nt_status; +} + +/******************************************************************** + Pull an attribute uint32_t value + *******************************************************************/ + +static NTSTATUS get_object_uint32(struct likewise_cell *c, + LDAPMessage *msg, + const char *attrib, + uint32_t *x) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char **keywords = NULL; + size_t list_size = 0; + TALLOC_CTX *frame = talloc_stackframe(); + ADS_STRUCT *ads = NULL; + + ads = cell_connection(c); + + /* Deal with RFC2307 schema */ + + if (cell_flags(c) & LWCELL_FLAG_USE_RFC2307_ATTRS) { + if (!ads_pull_uint32(ads, msg, attrib, x)) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + } else { + /* Non-schema mode */ + char *s = NULL; + uint32_t num; + + keywords = ads_pull_strings(ads, frame, msg, "keywords", + &list_size); + BAIL_ON_PTR_ERROR(keywords, nt_status); + + s = find_attr_string(keywords, list_size, attrib); + if (!s) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + num = strtoll(s, NULL, 10); + if (errno == ERANGE) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + *x = num; + } + + nt_status = NT_STATUS_OK; + +done: + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS get_object_id(struct likewise_cell *c, + LDAPMessage *msg, + enum id_type type, + uint32_t *id) +{ + NTSTATUS nt_status = NT_STATUS_OK; + const char *id_attr; + + /* Figure out which attribute we need to pull */ + + switch (type) { + case ID_TYPE_UID: + id_attr = ADEX_ATTR_UIDNUM; + break; + case ID_TYPE_GID: + id_attr = ADEX_ATTR_GIDNUM; + break; + default: + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + break; + } + + nt_status = get_object_uint32(c, msg, id_attr, id); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + return nt_status; +} + +/******************************************************************** + Pull the uid/gid and type from an object. This differs depending on + the cell flags. + *******************************************************************/ + +static NTSTATUS pull_id(struct likewise_cell *c, + LDAPMessage *msg, + uint32_t *id, + enum id_type *type) +{ + NTSTATUS nt_status; + + nt_status = get_object_type(c, msg, type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = get_object_id(c, msg, *type, id); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + return nt_status; +} + +/******************************************************************** + Pull an attribute string value + *******************************************************************/ + +static NTSTATUS get_object_string(struct likewise_cell *c, + LDAPMessage *msg, + TALLOC_CTX *ctx, + const char *attrib, + char **string) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char **keywords = NULL; + size_t list_size = 0; + TALLOC_CTX *frame = talloc_stackframe(); + ADS_STRUCT *ads = NULL; + + *string = NULL; + + ads = cell_connection(c); + + /* Deal with RFC2307 schema */ + + if (cell_flags(c) & LWCELL_FLAG_USE_RFC2307_ATTRS) { + *string = ads_pull_string(ads, ctx, msg, attrib); + } else { + /* Non-schema mode */ + + char *s = NULL; + + keywords = ads_pull_strings(ads, frame, msg, + "keywords", &list_size); + if (!keywords) { + nt_status = NT_STATUS_NO_MEMORY; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + s = find_attr_string(keywords, list_size, attrib); + if (s) { + *string = talloc_strdup(ctx, s); + } + } + + if (!*string) { + nt_status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = NT_STATUS_OK; + +done: + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + Pull the struct passwd fields for a user + *******************************************************************/ + +static NTSTATUS pull_nss_info(struct likewise_cell *c, + LDAPMessage *msg, + TALLOC_CTX *ctx, + char **homedir, + char **shell, + char **gecos, + gid_t *p_gid) +{ + NTSTATUS nt_status; + + nt_status = get_object_string(c, msg, ctx, ADEX_ATTR_HOMEDIR, homedir); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = get_object_string(c, msg, ctx, ADEX_ATTR_SHELL, shell); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = get_object_string(c, msg, ctx, ADEX_ATTR_GECOS, gecos); + /* Gecos is often not set so ignore failures */ + + nt_status = get_object_uint32(c, msg, ADEX_ATTR_GIDNUM, p_gid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + return nt_status; +} + +/******************************************************************** + Pull the struct passwd fields for a user + *******************************************************************/ + +static NTSTATUS pull_alias(struct likewise_cell *c, + LDAPMessage *msg, + TALLOC_CTX *ctx, + char **alias) +{ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + enum id_type type; + const char *attr = NULL; + + /* Figure out if this is a user or a group */ + + nt_status = get_object_type(c, msg, &type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + switch (type) { + case ID_TYPE_UID: + attr = ADEX_ATTR_UID; + break; + case ID_TYPE_GID: + /* What is the group attr for RFC2307 Forests? */ + attr = ADEX_ATTR_DISPLAYNAME; + break; + default: + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + break; + } + + nt_status = get_object_string(c, msg, ctx, attr, alias); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS _ccp_get_sid_from_id(DOM_SID * sid, + uint32_t id, enum id_type type) +{ + struct likewise_cell *cell = NULL; + LDAPMessage *msg = NULL; + NTSTATUS nt_status; + struct lwcell_filter filter; + + filter.ftype = IdFilter; + filter.filter.id.id = id; + filter.filter.id.type = type; + + nt_status = search_cell_list(&cell, &msg, &filter); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = pull_sid(cell, msg, sid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + ads_msgfree(cell->conn, msg); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS _ccp_get_id_from_sid(uint32_t * id, + enum id_type *type, + const DOM_SID * sid) +{ + struct likewise_cell *cell = NULL; + LDAPMessage *msg = NULL; + NTSTATUS nt_status; + struct lwcell_filter filter; + + filter.ftype = SidFilter; + sid_copy(&filter.filter.sid, sid); + + nt_status = search_cell_list(&cell, &msg, &filter); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = pull_id(cell, msg, id, type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if (*id < min_id_value()) { + nt_status = NT_STATUS_INVALID_PARAMETER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + +done: + ads_msgfree(cell->conn, msg); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +static NTSTATUS _ccp_nss_get_info(const DOM_SID * sid, + TALLOC_CTX * ctx, + char **homedir, + char **shell, + char **gecos, gid_t * p_gid) +{ + struct likewise_cell *cell = NULL; + LDAPMessage *msg = NULL; + NTSTATUS nt_status; + struct lwcell_filter filter; + enum id_type type; + + filter.ftype = SidFilter; + sid_copy(&filter.filter.sid, sid); + + nt_status = search_cell_list(&cell, &msg, &filter); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = get_object_type(cell, msg, &type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if (type != ID_TYPE_UID) { + nt_status = NT_STATUS_NO_SUCH_USER; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + nt_status = pull_nss_info(cell, msg, ctx, homedir, shell, gecos, + (uint32_t*) p_gid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + ads_msgfree(cell->conn, msg); + + return nt_status; +} + +/********************************************************************** + *********************************************************************/ + +static NTSTATUS _ccp_map_to_alias(TALLOC_CTX *ctx, + const char *domain, + const char *name, char **alias) +{ + TALLOC_CTX *frame = talloc_stackframe(); + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + DOM_SID sid; + struct likewise_cell *cell = NULL; + LDAPMessage *msg = NULL; + struct lwcell_filter filter; + enum lsa_SidType sid_type; + + /* Convert the name to a SID */ + + nt_status = gc_name_to_sid(domain, name, &sid, &sid_type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Find the user/group */ + + filter.ftype = SidFilter; + sid_copy(&filter.filter.sid, &sid); + + nt_status = search_cell_list(&cell, &msg, &filter); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Pull the alias and return */ + + nt_status = pull_alias(cell, msg, ctx, alias); + BAIL_ON_NTSTATUS_ERROR(nt_status); + +done: + PRINT_NTSTATUS_ERROR(nt_status, "map_to_alias", 3); + + talloc_destroy(frame); + ads_msgfree(cell_connection(cell), msg); + + return nt_status; +} + +/********************************************************************** + Map from an alias name to the canonical, qualified name. + Ensure that the alias is only pull from the closest in which + the user or gorup is enabled in + *********************************************************************/ + +static NTSTATUS _ccp_map_from_alias(TALLOC_CTX *mem_ctx, + const char *domain, + const char *alias, char **name) +{ + TALLOC_CTX *frame = talloc_stackframe(); + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + DOM_SID sid; + struct likewise_cell *cell_alias = NULL; + LDAPMessage *msg_alias = NULL; + struct likewise_cell *cell_sid = NULL; + LDAPMessage *msg_sid = NULL; + struct lwcell_filter filter; + char *canonical_name = NULL; + enum lsa_SidType type; + + /* Find the user/group */ + + filter.ftype = AliasFilter; + fstrcpy(filter.filter.alias, alias); + + nt_status = search_cell_list(&cell_alias, &msg_alias, &filter); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + nt_status = pull_sid(cell_alias, msg_alias, &sid); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + /* Now search again for the SID according to the cell list. + Verify that the cell of both search results is the same + so that we only match an alias from the closest cell + in which a user/group has been instantied. */ + + filter.ftype = SidFilter; + sid_copy(&filter.filter.sid, &sid); + + nt_status = search_cell_list(&cell_sid, &msg_sid, &filter); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + if (cell_alias != cell_sid) { + nt_status = NT_STATUS_OBJECT_PATH_NOT_FOUND; + BAIL_ON_NTSTATUS_ERROR(nt_status); + } + + /* Finally do the GC sid/name conversion */ + + nt_status = gc_sid_to_name(&sid, &canonical_name, &type); + BAIL_ON_NTSTATUS_ERROR(nt_status); + + *name = talloc_strdup(mem_ctx, canonical_name); + BAIL_ON_PTR_ERROR((*name), nt_status); + + nt_status = NT_STATUS_OK; + +done: + PRINT_NTSTATUS_ERROR(nt_status, "map_from_alias", 3); + + ads_msgfree(cell_connection(cell_alias), msg_alias); + ads_msgfree(cell_connection(cell_sid), msg_sid); + + SAFE_FREE(canonical_name); + + talloc_destroy(frame); + + return nt_status; +} + +/******************************************************************** + *******************************************************************/ + +struct cell_provider_api ccp_unified = { + .get_sid_from_id = _ccp_get_sid_from_id, + .get_id_from_sid = _ccp_get_id_from_sid, + .get_nss_info = _ccp_nss_get_info, + .map_to_alias = _ccp_map_to_alias, + .map_from_alias = _ccp_map_from_alias +}; diff --git a/source3/winbindd/idmap_tdb2.c b/source3/winbindd/idmap_tdb2.c index 3066db6f3b..8bde963c60 100644 --- a/source3/winbindd/idmap_tdb2.c +++ b/source3/winbindd/idmap_tdb2.c @@ -94,12 +94,11 @@ static NTSTATUS idmap_tdb2_open_db(void) */ static NTSTATUS idmap_tdb2_alloc_load(void) { - const char *range; uid_t low_uid = 0; uid_t high_uid = 0; gid_t low_gid = 0; gid_t high_gid = 0; - uint32 low_id, high_id; + uint32 low_id; /* see if a idmap script is configured */ idmap_tdb2_state.idmap_script = lp_parm_const_string(-1, "idmap", @@ -187,6 +186,10 @@ static NTSTATUS idmap_tdb2_allocate_id(struct unixid *xid) uint32_t high_hwm; uint32_t hwm; int res; + NTSTATUS status; + + status = idmap_tdb2_open_db(); + NT_STATUS_NOT_OK_RETURN(status); /* Get current high water mark */ switch (xid->type) { @@ -264,6 +267,10 @@ static NTSTATUS idmap_tdb2_get_hwm(struct unixid *xid) const char *hwmtype; uint32_t hwm; uint32_t high_hwm; + NTSTATUS status; + + status = idmap_tdb2_open_db(); + NT_STATUS_NOT_OK_RETURN(status); /* Get current high water mark */ switch (xid->type) { @@ -451,6 +458,10 @@ static NTSTATUS idmap_tdb2_id_to_sid(struct idmap_tdb2_context *ctx, struct id_m NTSTATUS ret; TDB_DATA data; char *keystr; + NTSTATUS status; + + status = idmap_tdb2_open_db(); + NT_STATUS_NOT_OK_RETURN(status); if (!ctx || !map) { return NT_STATUS_INVALID_PARAMETER; @@ -546,6 +557,10 @@ static NTSTATUS idmap_tdb2_sid_to_id(struct idmap_tdb2_context *ctx, struct id_m TDB_DATA data; char *keystr; unsigned long rec_id = 0; + NTSTATUS status; + + status = idmap_tdb2_open_db(); + NT_STATUS_NOT_OK_RETURN(status); if ((keystr = sid_string_talloc(ctx, map->sid)) == NULL) { DEBUG(0, ("Out of memory!\n")); diff --git a/source3/winbindd/idmap_util.c b/source3/winbindd/idmap_util.c index b10a1a4ba9..9f876618be 100644 --- a/source3/winbindd/idmap_util.c +++ b/source3/winbindd/idmap_util.c @@ -121,7 +121,7 @@ backend: return NT_STATUS_NONE_MAPPED; } - idmap_cache_set_sid2uid(sid, gid); + idmap_cache_set_sid2gid(sid, gid); return NT_STATUS_OK; } diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 894e7866b3..1febddf110 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -1023,10 +1023,11 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, DEBUG(10,("ads: lookup_groupmem: got sid %s from " "cache\n", sid_string_dbg(&sid))); sid_copy(&(*sid_mem)[*num_names], &sid); - (*names)[*num_names] = talloc_asprintf(*names, "%s%c%s", - domain_name, - *lp_winbind_separator(), - name ); + (*names)[*num_names] = fill_domain_username_talloc( + *names, + domain_name, + name, + true); (*name_types)[*num_names] = name_type; (*num_names)++; @@ -1071,11 +1072,12 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, { sid_copy(&(*sid_mem)[*num_names], &sid_mem_nocache[i]); - (*names)[*num_names] = talloc_asprintf( *names, - "%s%c%s", - domains_nocache[i], - *lp_winbind_separator(), - names_nocache[i] ); + (*names)[*num_names] = + fill_domain_username_talloc( + *names, + domains_nocache[i], + names_nocache[i], + true); (*name_types)[*num_names] = name_types_nocache[i]; (*num_names)++; } diff --git a/source3/winbindd/winbindd_async.c b/source3/winbindd/winbindd_async.c index 1481aed8e1..7500bcbe5b 100644 --- a/source3/winbindd/winbindd_async.c +++ b/source3/winbindd/winbindd_async.c @@ -366,7 +366,7 @@ static void lookupname_recv(TALLOC_CTX *mem_ctx, bool success, /******************************************************************** The lookup name call first contacts a DC in its own domain - and fallbacks to contact a DC in the forest in our domain doesn't + and fallbacks to contact a DC if the forest in our domain doesn't know the name. ********************************************************************/ diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index ce851649ba..db43101a34 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -1080,7 +1080,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx, fstring name ) { struct ip_service ip_list; - uint32_t nt_version = NETLOGON_VERSION_1; + uint32_t nt_version = NETLOGON_NT_VERSION_1; ip_list.ss = *pss; ip_list.port = 0; diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 63ce0e8d7f..aeb52d9b5a 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -120,6 +120,10 @@ void async_request(TALLOC_CTX *mem_ctx, struct winbindd_child *child, SMB_ASSERT(continuation != NULL); + DEBUG(10, ("Sending request to child pid %d (domain=%s)\n", + (int)child->pid, + (child->domain != NULL) ? child->domain->name : "''")); + state = TALLOC_P(mem_ctx, struct winbindd_async_request); if (state == NULL) { @@ -196,10 +200,12 @@ static void async_request_fail(struct winbindd_async_request *state) TALLOC_FREE(state->reply_timeout_event); - SMB_ASSERT(state->child_pid != (pid_t)0); + /* If child exists and is not already reaped, + send kill signal to child. */ - /* If not already reaped, send kill signal to child. */ - if (state->child->pid == state->child_pid) { + if ((state->child->pid != (pid_t)0) && + (state->child->pid != (pid_t)-1) && + (state->child->pid == state->child_pid)) { kill(state->child_pid, SIGTERM); /* @@ -294,13 +300,27 @@ static void schedule_async_request(struct winbindd_child *child) return; /* Busy */ } + /* + * This may be a reschedule, so we might + * have an existing timeout event pending on + * the first entry in the child->requests list + * (we only send one request at a time). + * Ensure we free it before we reschedule. + * Bug #5814, from hargagan <shargagan@novell.com>. + * JRA. + */ + + TALLOC_FREE(request->reply_timeout_event); + if ((child->pid == 0) && (!fork_domain_child(child))) { - /* Cancel all outstanding requests */ + /* fork_domain_child failed. + Cancel all outstanding requests */ while (request != NULL) { /* request might be free'd in the continuation */ struct winbindd_async_request *next = request->next; - request->continuation(request->private_data, False); + + async_request_fail(request); request = next; } return; @@ -487,6 +507,17 @@ void winbind_child_died(pid_t pid) child->event.flags = 0; child->pid = 0; + if (child->requests) { + /* + * schedule_async_request() will also + * clear this event but the call is + * idempotent so it doesn't hurt to + * cover all possible future code + * paths. JRA. + */ + TALLOC_FREE(child->requests->reply_timeout_event); + } + schedule_async_request(child); } diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 088f946877..f2b6fbefb5 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -35,7 +35,11 @@ static void add_member(const char *domain, const char *user, { fstring name; - fill_domain_username(name, domain, user, True); + if (domain != NULL) { + fill_domain_username(name, domain, user, True); + } else { + fstrcpy(name, user); + } safe_strcat(name, ",", sizeof(name)-1); string_append(pp_members, name); *p_num_members += 1; @@ -136,7 +140,7 @@ static void add_expanded_sid(const DOM_SID *sid, continue; } - add_member(domain->name, names[i], pp_members, p_num_members); + add_member(NULL, names[i], pp_members, p_num_members); } done: diff --git a/source3/winbindd/winbindd_locator.c b/source3/winbindd/winbindd_locator.c index b2a8bd7e30..b60d235f70 100644 --- a/source3/winbindd/winbindd_locator.c +++ b/source3/winbindd/winbindd_locator.c @@ -45,11 +45,15 @@ struct winbindd_child *locator_child(void) void winbindd_dsgetdcname(struct winbindd_cli_state *state) { - state->request.domain_name - [sizeof(state->request.domain_name)-1] = '\0'; + state->request.data.dsgetdcname.domain_name + [sizeof(state->request.data.dsgetdcname.domain_name)-1] = '\0'; + state->request.data.dsgetdcname.site_name + [sizeof(state->request.data.dsgetdcname.site_name)-1] = '\0'; + state->request.data.dsgetdcname.domain_guid + [sizeof(state->request.data.dsgetdcname.domain_guid)-1] = '\0'; DEBUG(3, ("[%5lu]: dsgetdcname for %s\n", (unsigned long)state->pid, - state->request.domain_name)); + state->request.data.dsgetdcname.domain_name)); sendto_child(state, locator_child()); } @@ -94,44 +98,59 @@ static uint32_t get_dsgetdc_flags(uint32_t wbc_flags) return ds_flags; } - static enum winbindd_result dual_dsgetdcname(struct winbindd_domain *domain, struct winbindd_cli_state *state) { NTSTATUS result; struct netr_DsRGetDCNameInfo *info = NULL; - const char *dc = NULL; uint32_t ds_flags = 0; + struct GUID guid, *guid_ptr = NULL; + const char *guid_str = NULL; - state->request.domain_name - [sizeof(state->request.domain_name)-1] = '\0'; + state->request.data.dsgetdcname.domain_name + [sizeof(state->request.data.dsgetdcname.domain_name)-1] = '\0'; + state->request.data.dsgetdcname.site_name + [sizeof(state->request.data.dsgetdcname.site_name)-1] = '\0'; + state->request.data.dsgetdcname.domain_guid + [sizeof(state->request.data.dsgetdcname.domain_guid)-1] = '\0'; DEBUG(3, ("[%5lu]: dsgetdcname for %s\n", (unsigned long)state->pid, - state->request.domain_name)); + state->request.data.dsgetdcname.domain_name)); ds_flags = get_dsgetdc_flags(state->request.flags); - result = dsgetdcname(state->mem_ctx, winbind_messaging_context(), - state->request.domain_name, - NULL, NULL, ds_flags, &info); - - if (!NT_STATUS_IS_OK(result)) { - return WINBINDD_ERROR; + result = GUID_from_string(state->request.data.dsgetdcname.domain_guid, + &guid); + if (NT_STATUS_IS_OK(result) && !GUID_all_zero(&guid)) { + guid_ptr = &guid; } - if (info->dc_address) { - dc = strip_hostname(info->dc_address); - } + result = dsgetdcname(state->mem_ctx, + winbind_messaging_context(), + state->request.data.dsgetdcname.domain_name, + guid_ptr, + state->request.data.dsgetdcname.site_name, + ds_flags, + &info); - if ((!dc || !is_ipaddress_v4(dc)) && info->dc_unc) { - dc = strip_hostname(info->dc_unc); + if (!NT_STATUS_IS_OK(result)) { + return WINBINDD_ERROR; } - if (!dc || !*dc) { + guid_str = GUID_string(state->mem_ctx, &info->domain_guid); + if (!guid_str) { return WINBINDD_ERROR; } - fstrcpy(state->response.data.dc_name, dc); + fstrcpy(state->response.data.dsgetdcname.dc_unc, info->dc_unc); + fstrcpy(state->response.data.dsgetdcname.dc_address, info->dc_address); + state->response.data.dsgetdcname.dc_address_type = info->dc_address_type; + fstrcpy(state->response.data.dsgetdcname.domain_guid, guid_str); + fstrcpy(state->response.data.dsgetdcname.domain_name, info->domain_name); + fstrcpy(state->response.data.dsgetdcname.forest_name, info->forest_name); + state->response.data.dsgetdcname.dc_flags = info->dc_flags; + fstrcpy(state->response.data.dsgetdcname.dc_site_name, info->dc_site_name); + fstrcpy(state->response.data.dsgetdcname.client_site_name, info->client_site_name); return WINBINDD_OK; } diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index d9104ca600..9ff3899661 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -127,7 +127,7 @@ static NTSTATUS append_info3_as_ndr(TALLOC_CTX *mem_ctx, DATA_BLOB blob; enum ndr_err_code ndr_err; - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, info3, + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, info3, (ndr_push_flags_fn_t)ndr_push_netr_SamInfo3); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(0,("append_info3_as_ndr: failed to append\n")); diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 4774bc8106..3836c46e36 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -569,6 +569,10 @@ bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, void parse_add_domuser(void *buf, char *domuser, int *len); bool canonicalize_username(fstring username_inout, fstring domain, fstring user); void fill_domain_username(fstring name, const char *domain, const char *user, bool can_assume); +char *fill_domain_username_talloc(TALLOC_CTX *ctx, + const char *domain, + const char *user, + bool can_assume); const char *get_winbind_pipe_dir(void) ; char *get_winbind_priv_pipe_dir(void) ; int open_winbindd_socket(void); diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index df80ad8029..9fbea8e45b 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -854,7 +854,10 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, } for (r=0; r<tmp_names.count; r++) { - (*names)[i+r] = CONST_DISCARD(char *, tmp_names.names[r].string); + (*names)[i+r] = fill_domain_username_talloc(mem_ctx, + domain->name, + tmp_names.names[r].string, + true); (*name_types)[i+r] = tmp_types.ids[r]; } diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index e7b6576317..fdfc8ed9d1 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -111,7 +111,16 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const const char *alternative_name = NULL; char *idmap_config_option; const char *param; + const char **ignored_domains, **dom; + ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL); + for (dom=ignored_domains; dom && *dom; dom++) { + if (gen_fnmatch(*dom, domain_name) == 0) { + DEBUG(2,("Ignoring domain '%s'\n", domain_name)); + return NULL; + } + } + /* ignore alt_name if we are not in an AD domain */ if ( (lp_security() == SEC_ADS) && alt_name && *alt_name) { @@ -436,6 +445,10 @@ static void rescan_forest_root_trusts( void ) &dom_list[i].sid ); } + if (d == NULL) { + continue; + } + DEBUG(10,("rescan_forest_root_trusts: Following trust path " "for domain tree root %s (%s)\n", d->name, d->alt_name )); @@ -500,6 +513,10 @@ static void rescan_forest_trusts( void ) &cache_methods, &dom_list[i].sid ); } + + if (d == NULL) { + continue; + } DEBUG(10,("Following trust path for domain %s (%s)\n", d->name, d->alt_name )); @@ -1058,13 +1075,12 @@ void free_getent_state(struct getent_state *state) temp = state; while(temp != NULL) { - struct getent_state *next; + struct getent_state *next = temp->next; /* Free sam entries then list entry */ SAFE_FREE(state->sam_entries); DLIST_REMOVE(state, state); - next = temp->next; SAFE_FREE(temp); temp = next; @@ -1160,7 +1176,7 @@ void parse_add_domuser(void *buf, char *domuser, int *len) } } - safe_strcpy(buf, user, *len); + safe_strcpy((char *)buf, user, *len); } /* Ensure an incoming username from NSS is fully qualified. Replace the @@ -1213,6 +1229,33 @@ void fill_domain_username(fstring name, const char *domain, const char *user, bo } } +/** + * talloc version of fill_domain_username() + * return NULL on talloc failure. + */ +char *fill_domain_username_talloc(TALLOC_CTX *mem_ctx, + const char *domain, + const char *user, + bool can_assume) +{ + char *tmp_user, *name; + + tmp_user = talloc_strdup(mem_ctx, user); + strlower_m(tmp_user); + + if (can_assume && assume_domain(domain)) { + name = tmp_user; + } else { + name = talloc_asprintf(mem_ctx, "%s%c%s", + domain, + *lp_winbind_separator(), + tmp_user); + TALLOC_FREE(tmp_user); + } + + return name; +} + /* * Winbindd socket accessor functions */ |