diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/winbindd/winbindd_msrpc.c | 83 |
1 files changed, 59 insertions, 24 deletions
diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c index dade76a645..7cff38d4e2 100644 --- a/source3/winbindd/winbindd_msrpc.c +++ b/source3/winbindd/winbindd_msrpc.c @@ -26,7 +26,7 @@ #include "winbindd.h" #include "winbindd_rpc.h" -#include "../librpc/gen_ndr/cli_samr.h" +#include "../librpc/gen_ndr/ndr_samr_c.h" #include "rpc_client/cli_samr.h" #include "rpc_client/cli_lsarpc.h" #include "../libcli/security/security.h" @@ -609,7 +609,7 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, char ***names, uint32_t **name_types) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status, result; uint32 i, total_names = 0; struct policy_handle dom_pol, group_pol; uint32 des_access = SEC_FLAG_MAXIMUM_ALLOWED; @@ -619,6 +619,7 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, struct rpc_pipe_client *cli; unsigned int orig_timeout; struct samr_RidAttrArray *rids = NULL; + struct dcerpc_binding_handle *b; DEBUG(3,("msrpc_lookup_groupmem: %s sid=%s\n", domain->name, sid_string_dbg(group_sid))); @@ -638,14 +639,20 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, if (!NT_STATUS_IS_OK(result)) return result; - result = rpccli_samr_OpenGroup(cli, mem_ctx, + b = cli->binding_handle; + + status = dcerpc_samr_OpenGroup(b, mem_ctx, &dom_pol, des_access, group_rid, - &group_pol); - - if (!NT_STATUS_IS_OK(result)) + &group_pol, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + if (!NT_STATUS_IS_OK(result)) { return result; + } /* Step #1: Get a list of user rids that are the members of the group. */ @@ -655,17 +662,26 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, orig_timeout = rpccli_set_timeout(cli, 35000); - result = rpccli_samr_QueryGroupMember(cli, mem_ctx, + status = dcerpc_samr_QueryGroupMember(b, mem_ctx, &group_pol, - &rids); + &rids, + &result); /* And restore our original timeout. */ rpccli_set_timeout(cli, orig_timeout); - rpccli_samr_Close(cli, mem_ctx, &group_pol); + { + NTSTATUS _result; + dcerpc_samr_Close(b, mem_ctx, &group_pol, &_result); + } + + if (!NT_STATUS_IS_OK(status)) { + return status; + } - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { return result; + } if (!rids || !rids->count) { names = NULL; @@ -701,12 +717,16 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain, /* Lookup a chunk of rids */ - result = rpccli_samr_LookupRids(cli, mem_ctx, + status = dcerpc_samr_LookupRids(b, mem_ctx, &dom_pol, num_lookup_rids, &rid_mem[i], &tmp_names, - &tmp_types); + &tmp_types, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } /* see if we have a real error (and yes the STATUS_SOME_UNMAPPED is the one returned from 2k) */ @@ -945,10 +965,11 @@ static NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, struct samr_DomInfo12 *lockout_policy) { - NTSTATUS result; + NTSTATUS status, result; struct rpc_pipe_client *cli; struct policy_handle dom_pol; union samr_DomainInfo *info = NULL; + struct dcerpc_binding_handle *b; DEBUG(3, ("msrpc_lockout_policy: fetch lockout policy for %s\n", domain->name)); @@ -958,16 +979,23 @@ static NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, return NT_STATUS_NOT_SUPPORTED; } - result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol); - if (!NT_STATUS_IS_OK(result)) { + status = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol); + if (!NT_STATUS_IS_OK(status)) { goto done; } - result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + b = cli->binding_handle; + + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, &dom_pol, 12, - &info); + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } if (!NT_STATUS_IS_OK(result)) { + status = result; goto done; } @@ -978,7 +1006,7 @@ static NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, done: - return result; + return status; } /* find the password policy for a domain */ @@ -986,10 +1014,11 @@ static NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, struct samr_DomInfo1 *password_policy) { - NTSTATUS result; + NTSTATUS status, result; struct rpc_pipe_client *cli; struct policy_handle dom_pol; union samr_DomainInfo *info = NULL; + struct dcerpc_binding_handle *b; DEBUG(3, ("msrpc_password_policy: fetch password policy for %s\n", domain->name)); @@ -1000,15 +1029,21 @@ static NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, return NT_STATUS_NOT_SUPPORTED; } - result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol); - if (!NT_STATUS_IS_OK(result)) { + status = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol); + if (!NT_STATUS_IS_OK(status)) { goto done; } - result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + b = cli->binding_handle; + + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, &dom_pol, 1, - &info); + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -1020,7 +1055,7 @@ static NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, done: - return result; + return status; } typedef NTSTATUS (*lookup_sids_fn_t)(struct rpc_pipe_client *cli, |