Diffstat (limited to 'source3')
-rw-r--r--source3/libnet/libnet.h1
-rw-r--r--source3/libnet/libnet_proto.h9
-rw-r--r--source3/libnet/libnet_samsync.c164
-rw-r--r--source3/libnet/libnet_samsync.h68
-rw-r--r--source3/utils/net.h43
-rw-r--r--source3/utils/net_rpc_samsync.c161
6 files changed, 241 insertions, 205 deletions
diff --git a/source3/libnet/libnet.h b/source3/libnet/libnet.h
index 6768b948d6..2b5e60bf14 100644
--- a/source3/libnet/libnet.h
+++ b/source3/libnet/libnet.h
@@ -20,6 +20,7 @@
#ifndef __LIBNET_H__
#define __LIBNET_H__
+#include "libnet/libnet_samsync.h"
#include "librpc/gen_ndr/libnet_join.h"
#include "libnet/libnet_proto.h"
diff --git a/source3/libnet/libnet_proto.h b/source3/libnet/libnet_proto.h
index 52382e91a5..eeb4a72644 100644
--- a/source3/libnet/libnet_proto.h
+++ b/source3/libnet/libnet_proto.h
@@ -50,5 +50,12 @@ NTSTATUS samsync_fix_delta_array(TALLOC_CTX *mem_ctx,
bool rid_crypt,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM_ARRAY *r);
-
+NTSTATUS samsync_init_context(TALLOC_CTX *mem_ctx,
+ const struct dom_sid *domain_sid,
+ enum net_samsync_mode mode,
+ struct samsync_context **ctx_p);
+NTSTATUS samsync_process_database(struct rpc_pipe_client *pipe_hnd,
+ enum netr_SamDatabaseID database_id,
+ samsync_fn_t callback_fn,
+ struct samsync_context *ctx);
#endif /* _LIBNET_PROTO_H_ */
diff --git a/source3/libnet/libnet_samsync.c b/source3/libnet/libnet_samsync.c
index e45a84568c..d6331fd08c 100644
--- a/source3/libnet/libnet_samsync.c
+++ b/source3/libnet/libnet_samsync.c
@@ -22,6 +22,7 @@
#include "includes.h"
+#include "libnet/libnet_samsync.h"
/**
* Decrypt and extract the user's passwords.
@@ -186,3 +187,166 @@ NTSTATUS samsync_fix_delta_array(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
+
+/**
+ * samsync_init_context
+ */
+
+NTSTATUS samsync_init_context(TALLOC_CTX *mem_ctx,
+ const struct dom_sid *domain_sid,
+ enum net_samsync_mode mode,
+ struct samsync_context **ctx_p)
+{
+ struct samsync_context *ctx;
+
+ *ctx_p = NULL;
+
+ ctx = TALLOC_ZERO_P(mem_ctx, struct samsync_context);
+ NT_STATUS_HAVE_NO_MEMORY(ctx);
+
+ ctx->mode = mode;
+
+ if (domain_sid) {
+ ctx->domain_sid = sid_dup_talloc(mem_ctx, domain_sid);
+ NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid);
+
+ ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
+ NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid_str);
+ }
+
+ *ctx_p = ctx;
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * samsync_debug_str
+ */
+
+static const char *samsync_debug_str(TALLOC_CTX *mem_ctx,
+ enum net_samsync_mode mode,
+ enum netr_SamDatabaseID database_id)
+{
+ const char *action = NULL;
+ const char *str = NULL;
+
+ switch (mode) {
+ case NET_SAMSYNC_MODE_DUMP:
+ action = "Dumping (to stdout)";
+ break;
+ case NET_SAMSYNC_MODE_FETCH_PASSDB:
+ action = "Fetching (to passdb)";
+ break;
+ case NET_SAMSYNC_MODE_FETCH_LDIF:
+ action = "Fetching (to ldif)";
+ break;
+ default:
+ action = "Unknown";
+ break;
+ }
+
+ switch (database_id) {
+ case SAM_DATABASE_DOMAIN:
+ str = talloc_asprintf(mem_ctx, "%s DOMAIN database",
+ action);
+ break;
+ case SAM_DATABASE_BUILTIN:
+ str = talloc_asprintf(mem_ctx, "%s BUILTIN database",
+ action);
+ break;
+ case SAM_DATABASE_PRIVS:
+ str = talloc_asprintf(mem_ctx, "%s PRIVS database",
+ action);
+ break;
+ default:
+ str = talloc_asprintf(mem_ctx, "%s unknown database type %u",
+ action, database_id);
+ break;
+ }
+
+ return str;
+}
+
+/**
+ * samsync_process_database
+ */
+
+NTSTATUS samsync_process_database(struct rpc_pipe_client *pipe_hnd,
+ enum netr_SamDatabaseID database_id,
+ samsync_fn_t callback_fn,
+ struct samsync_context *ctx)
+{
+ NTSTATUS result;
+ TALLOC_CTX *mem_ctx;
+ const char *logon_server = pipe_hnd->desthost;
+ const char *computername = global_myname();
+ struct netr_Authenticator credential;
+ struct netr_Authenticator return_authenticator;
+ uint16_t restart_state = 0;
+ uint32_t sync_context = 0;
+ const char *debug_str;
+ DATA_BLOB session_key;
+
+ ZERO_STRUCT(return_authenticator);
+
+ if (!(mem_ctx = talloc_init("samsync_process_database"))) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ debug_str = samsync_debug_str(mem_ctx, ctx->mode, database_id);
+ if (debug_str) {
+ d_fprintf(stderr, "%s\n", debug_str);
+ }
+
+ do {
+ struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
+
+ netlogon_creds_client_step(pipe_hnd->dc, &credential);
+
+ result = rpccli_netr_DatabaseSync2(pipe_hnd, mem_ctx,
+ logon_server,
+ computername,
+ &credential,
+ &return_authenticator,
+ database_id,
+ restart_state,
+ &sync_context,
+ &delta_enum_array,
+ 0xffff);
+ if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) {
+ return result;
+ }
+
+ /* Check returned credentials. */
+ if (!netlogon_creds_client_check(pipe_hnd->dc,
+ &return_authenticator.cred)) {
+ DEBUG(0,("credentials chain check failed\n"));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (NT_STATUS_IS_ERR(result)) {
+ break;
+ }
+
+ session_key = data_blob_const(pipe_hnd->dc->sess_key, 16);
+
+ samsync_fix_delta_array(mem_ctx,
+ &session_key,
+ true,
+ database_id,
+ delta_enum_array);
+
+ /* Process results */
+ callback_fn(mem_ctx, database_id, delta_enum_array, result, ctx);
+
+ TALLOC_FREE(delta_enum_array);
+
+ /* Increment sync_context */
+ sync_context += 1;
+
+ } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
+
+ talloc_destroy(mem_ctx);
+
+ return result;
+}
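Review bot: Both early returns inside the loop of samsync_process_database (the `NT_STATUS_NOT_SUPPORTED` case and the failed `netlogon_creds_client_check` case) skip `talloc_destroy(mem_ctx)`, so the context created by `talloc_init` and any delta arrays already hanging off it are leaked; now that the function is exported from libnet, long-lived callers would accumulate that memory. Leaving the loop with `break` after setting `result` routes every exit through the existing cleanup. The statuses returned by `samsync_fix_delta_array` and `callback_fn` are also discarded, so a failed fix-up pass still hands the deltas to the callback and a failed store is reported to the caller as success. Aborting on a callback error, as sketched below, assumes the callbacks are not meant to be best-effort; if they are, the status should at least be logged.

```c
		NTSTATUS status;

		/* … unchanged: netlogon_creds_client_step() and rpccli_netr_DatabaseSync2() call … */
		if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) {
			break;
		}

		/* Check returned credentials. */
		if (!netlogon_creds_client_check(pipe_hnd->dc,
						 &return_authenticator.cred)) {
			DEBUG(0,("credentials chain check failed\n"));
			result = NT_STATUS_ACCESS_DENIED;
			break;
		}

		/* … unchanged: NT_STATUS_IS_ERR(result) break, session_key setup … */

		status = samsync_fix_delta_array(mem_ctx,
						 &session_key,
						 true,
						 database_id,
						 delta_enum_array);
		if (!NT_STATUS_IS_OK(status)) {
			result = status;
			break;
		}

		/* Process results */
		status = callback_fn(mem_ctx, database_id, delta_enum_array, result, ctx);
		if (!NT_STATUS_IS_OK(status)) {
			result = status;
			break;
		}

		/* … unchanged: TALLOC_FREE(delta_enum_array), sync_context increment … */
```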
diff --git a/source3/libnet/libnet_samsync.h b/source3/libnet/libnet_samsync.h
new file mode 100644
index 0000000000..5898a15ebd
--- /dev/null
+++ b/source3/libnet/libnet_samsync.h
@@ -0,0 +1,68 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * libnet Support
+ * Copyright (C) Guenther Deschner 2008
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+enum net_samsync_mode {
+ NET_SAMSYNC_MODE_FETCH_PASSDB = 0,
+ NET_SAMSYNC_MODE_FETCH_LDIF = 1,
+ NET_SAMSYNC_MODE_DUMP = 2
+};
+
+/* Structure for mapping accounts to groups */
+/* Array element is the group rid */
+typedef struct _groupmap {
+ uint32_t rid;
+ uint32_t gidNumber;
+ const char *sambaSID;
+ const char *group_dn;
+} GROUPMAP;
+
+typedef struct _accountmap {
+ uint32_t rid;
+ const char *cn;
+} ACCOUNTMAP;
+
+struct samsync_ldif_context {
+ GROUPMAP *groupmap;
+ ACCOUNTMAP *accountmap;
+ bool initialized;
+ const char *add_template;
+ const char *mod_template;
+ char *add_name;
+ char *mod_name;
+ FILE *add_file;
+ FILE *mod_file;
+ FILE *ldif_file;
+ const char *suffix;
+ int num_alloced;
+};
+
+struct samsync_context {
+ enum net_samsync_mode mode;
+ const struct dom_sid *domain_sid;
+ const char *domain_sid_str;
+ const char *ldif_filename;
+ struct samsync_ldif_context *ldif;
+};
+
+typedef NTSTATUS (*samsync_fn_t)(TALLOC_CTX *,
+ enum netr_SamDatabaseID,
+ struct netr_DELTA_ENUM_ARRAY *,
+ NTSTATUS,
+ struct samsync_context *);
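Review bot: The new header libnet_samsync.h has no include guard, although it defines an enum, two typedef'd structs and two struct types and is now included from both libnet.h and libnet_samsync.c. If includes.h already pulls in libnet.h (not visible in this diff), libnet_samsync.c sees these definitions twice, and the enum and struct redefinitions would not compile. Wrapping the body in `#ifndef __LIBNET_SAMSYNC_H__` / `#define __LIBNET_SAMSYNC_H__` … `#endif` would match the guard style of libnet.h and libnet_proto.h. The header also uses `FILE`, `NTSTATUS` and `TALLOC_CTX` without including anything itself, so it only works when included after includes.h; a one-line comment stating that dependency would help.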
diff --git a/source3/utils/net.h b/source3/utils/net.h
index 627ac0aaa1..aa4f3dbb6d 100644
--- a/source3/utils/net.h
+++ b/source3/utils/net.h
@@ -145,46 +145,3 @@ enum netdom_domain_t { ND_TYPE_NT4, ND_TYPE_AD };
/* net share operation modes */
#define NET_MODE_SHARE_MIGRATE 1
-/* Structure for mapping accounts to groups */
-/* Array element is the group rid */
-typedef struct _groupmap {
- uint32_t rid;
- uint32_t gidNumber;
- const char *sambaSID;
- const char *group_dn;
-} GROUPMAP;
-
-typedef struct _accountmap {
- uint32_t rid;
- const char *cn;
-} ACCOUNTMAP;
-
-enum net_samsync_mode {
- NET_SAMSYNC_MODE_FETCH_PASSDB = 0,
- NET_SAMSYNC_MODE_FETCH_LDIF = 1,
- NET_SAMSYNC_MODE_DUMP = 2
-};
-
-struct samsync_ldif_context {
- GROUPMAP *groupmap;
- ACCOUNTMAP *accountmap;
- bool initialized;
- const char *add_template;
- const char *mod_template;
- char *add_name;
- char *mod_name;
- FILE *add_file;
- FILE *mod_file;
- FILE *ldif_file;
- const char *suffix;
- int num_alloced;
-};
-
-struct samsync_context {
- enum net_samsync_mode mode;
- const struct dom_sid *domain_sid;
- const char *domain_sid_str;
- const char *ldif_filename;
-
- struct samsync_ldif_context *ldif;
-};
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 5343a0465b..3f661161cb 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -343,167 +343,6 @@ static NTSTATUS display_sam_entries(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-static NTSTATUS samsync_init_context(TALLOC_CTX *mem_ctx,
- const struct dom_sid *domain_sid,
- enum net_samsync_mode mode,
- struct samsync_context **ctx_p)
-{
- struct samsync_context *ctx;
-
- *ctx_p = NULL;
-
- ctx = TALLOC_ZERO_P(mem_ctx, struct samsync_context);
- NT_STATUS_HAVE_NO_MEMORY(ctx);
-
- ctx->mode = mode;
-
- if (domain_sid) {
- ctx->domain_sid = sid_dup_talloc(mem_ctx, domain_sid);
- NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid);
-
- ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
- NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid_str);
- }
-
- *ctx_p = ctx;
-
- return NT_STATUS_OK;
-}
-
-const char *samsync_debug_str(TALLOC_CTX *mem_ctx,
- enum net_samsync_mode mode,
- enum netr_SamDatabaseID database_id)
-{
- const char *action = NULL;
- const char *str = NULL;
-
- switch (mode) {
- case NET_SAMSYNC_MODE_DUMP:
- action = "Dumping (to stdout)";
- break;
- case NET_SAMSYNC_MODE_FETCH_PASSDB:
- action = "Fetching (to passdb)";
- break;
- case NET_SAMSYNC_MODE_FETCH_LDIF:
- action = "Fetching (to ldif)";
- break;
- default:
- action = "Unknown";
- break;
- }
-
- switch (database_id) {
- case SAM_DATABASE_DOMAIN:
- str = talloc_asprintf(mem_ctx, "%s DOMAIN database",
- action);
- break;
- case SAM_DATABASE_BUILTIN:
- str = talloc_asprintf(mem_ctx, "%s BUILTIN database",
- action);
- break;
- case SAM_DATABASE_PRIVS:
- str = talloc_asprintf(mem_ctx, "%s PRIVS database",
- action);
- break;
- default:
- str = talloc_asprintf(mem_ctx, "%s unknown database type %u",
- action, database_id);
- break;
- }
-
- if (!str) {
- return NULL;
- }
-
- return str;
-}
-
-typedef NTSTATUS (*samsync_fn_t)(TALLOC_CTX *,
- enum netr_SamDatabaseID,
- struct netr_DELTA_ENUM_ARRAY *,
- NTSTATUS,
- struct samsync_context *);
-
-static NTSTATUS samsync_process_database(struct rpc_pipe_client *pipe_hnd,
- enum netr_SamDatabaseID database_id,
- samsync_fn_t callback_fn,
- struct samsync_context *ctx)
-{
- NTSTATUS result;
- TALLOC_CTX *mem_ctx;
- const char *logon_server = pipe_hnd->desthost;
- const char *computername = global_myname();
- struct netr_Authenticator credential;
- struct netr_Authenticator return_authenticator;
- uint16_t restart_state = 0;
- uint32_t sync_context = 0;
- const char *debug_str;
- DATA_BLOB session_key;
-
- ZERO_STRUCT(return_authenticator);
-
- if (!(mem_ctx = talloc_init("samsync_process_database"))) {
- return NT_STATUS_NO_MEMORY;
- }
-
- debug_str = samsync_debug_str(mem_ctx, ctx->mode, database_id);
- if (debug_str) {
- d_fprintf(stderr, "%s\n", debug_str);
- }
-
- do {
- struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
-
- netlogon_creds_client_step(pipe_hnd->dc, &credential);
-
- result = rpccli_netr_DatabaseSync2(pipe_hnd, mem_ctx,
- logon_server,
- computername,
- &credential,
- &return_authenticator,
- database_id,
- restart_state,
- &sync_context,
- &delta_enum_array,
- 0xffff);
- if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) {
- return result;
- }
-
- /* Check returned credentials. */
- if (!netlogon_creds_client_check(pipe_hnd->dc,
- &return_authenticator.cred)) {
- DEBUG(0,("credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
-
- if (NT_STATUS_IS_ERR(result)) {
- break;
- }
-
- session_key = data_blob_const(pipe_hnd->dc->sess_key, 16);
-
- samsync_fix_delta_array(mem_ctx,
- &session_key,
- true,
- database_id,
- delta_enum_array);
-
- /* Process results */
- callback_fn(mem_ctx, database_id, delta_enum_array, result, ctx);
-
- TALLOC_FREE(delta_enum_array);
-
- /* Increment sync_context */
- sync_context += 1;
-
- } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
-
- talloc_destroy(mem_ctx);
-
- return result;
-}
-
/* dump sam database via samsync rpc calls */
NTSTATUS rpc_samdump_internals(struct net_context *c,
const DOM_SID *domain_sid,