diff options
Diffstat (limited to 'source4/libnet')
-rw-r--r-- | source4/libnet/groupinfo.c | 18 | ||||
-rw-r--r-- | source4/libnet/groupman.c | 10 | ||||
-rw-r--r-- | source4/libnet/libnet_domain.c | 21 | ||||
-rw-r--r-- | source4/libnet/libnet_group.c | 16 | ||||
-rw-r--r-- | source4/libnet/libnet_join.c | 25 | ||||
-rw-r--r-- | source4/libnet/libnet_passwd.c | 22 | ||||
-rw-r--r-- | source4/libnet/libnet_samsync_ldb.c | 6 | ||||
-rw-r--r-- | source4/libnet/libnet_user.c | 16 | ||||
-rw-r--r-- | source4/libnet/userinfo.c | 16 | ||||
-rw-r--r-- | source4/libnet/userman.c | 33 |
10 files changed, 127 insertions, 56 deletions
diff --git a/source4/libnet/groupinfo.c b/source4/libnet/groupinfo.c index 1da6646702..5c94c34b1d 100644 --- a/source4/libnet/groupinfo.c +++ b/source4/libnet/groupinfo.c @@ -83,8 +83,8 @@ static void continue_groupinfo_lookup(struct rpc_request *req) if (s->monitor_fn) { msg.type = mon_SamrLookupName; msg_lookup = talloc(s, struct msg_rpc_lookup_name); - msg_lookup->rid = s->lookup.out.rids.ids; - msg_lookup->count = s->lookup.out.rids.count; + msg_lookup->rid = s->lookup.out.rids->ids; + msg_lookup->count = s->lookup.out.rids->count; msg.data = (void*)msg_lookup; msg.data_size = sizeof(*msg_lookup); @@ -94,7 +94,7 @@ static void continue_groupinfo_lookup(struct rpc_request *req) /* have we actually got name resolved - we're looking for only one at the moment */ - if (s->lookup.out.rids.count == 0) { + if (s->lookup.out.rids->count == 0) { composite_error(c, NT_STATUS_NO_SUCH_USER); } @@ -103,7 +103,7 @@ static void continue_groupinfo_lookup(struct rpc_request *req) /* prepare parameters for LookupNames */ s->opengroup.in.domain_handle = &s->domain_handle; s->opengroup.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - s->opengroup.in.rid = s->lookup.out.rids.ids[0]; + s->opengroup.in.rid = s->lookup.out.rids->ids[0]; s->opengroup.out.group_handle = &s->group_handle; /* send request */ @@ -152,6 +152,8 @@ static void continue_groupinfo_opengroup(struct rpc_request *req) /* prepare parameters for QueryGroupInfo call */ s->querygroupinfo.in.group_handle = &s->group_handle; s->querygroupinfo.in.level = s->level; + s->querygroupinfo.out.info = talloc(s, union samr_GroupInfo *); + if (composite_nomem(s->querygroupinfo.out.info, c)) return; /* queue rpc call, set event handling and new state */ querygroup_req = dcerpc_samr_QueryGroupInfo_send(s->pipe, c, &s->querygroupinfo); @@ -185,7 +187,7 @@ static void continue_groupinfo_getgroup(struct rpc_request *req) return; } - s->info = talloc_steal(s, s->querygroupinfo.out.info); + s->info = talloc_steal(s, *s->querygroupinfo.out.info); /* issue a monitor message */ if (s->monitor_fn) { @@ -301,7 +303,11 @@ struct composite_context *libnet_rpc_groupinfo_send(struct dcerpc_pipe *p, s->lookup.in.names[0].string = talloc_strdup(s, io->in.groupname); if (composite_nomem(s->lookup.in.names[0].string, c)) return c; - + s->lookup.out.rids = talloc_zero(s, struct samr_Ids); + s->lookup.out.types = talloc_zero(s, struct samr_Ids); + if (composite_nomem(s->lookup.out.rids, c)) return c; + if (composite_nomem(s->lookup.out.types, c)) return c; + /* send request */ lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookup); if (composite_nomem(lookup_req, c)) return c; diff --git a/source4/libnet/groupman.c b/source4/libnet/groupman.c index 58d5742336..4dfb2d8aab 100644 --- a/source4/libnet/groupman.c +++ b/source4/libnet/groupman.c @@ -174,6 +174,10 @@ struct composite_context* libnet_rpc_groupdel_send(struct dcerpc_pipe *p, s->lookupname.in.num_names = 1; s->lookupname.in.names = talloc_zero(s, struct lsa_String); s->lookupname.in.names->string = io->in.groupname; + s->lookupname.out.rids = talloc_zero(s, struct samr_Ids); + s->lookupname.out.types = talloc_zero(s, struct samr_Ids); + if (composite_nomem(s->lookupname.out.rids, c)) return c; + if (composite_nomem(s->lookupname.out.types, c)) return c; /* send the request */ lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname); @@ -205,12 +209,12 @@ static void continue_groupdel_name_found(struct rpc_request *req) /* what to do when there's no group account to delete and what if there's more than one rid resolved */ - if (!s->lookupname.out.rids.count) { + if (!s->lookupname.out.rids->count) { c->status = NT_STATUS_NO_SUCH_GROUP; composite_error(c, c->status); return; - } else if (!s->lookupname.out.rids.count > 1) { + } else if (!s->lookupname.out.rids->count > 1) { c->status = NT_STATUS_INVALID_ACCOUNT_NAME; composite_error(c, c->status); return; @@ -218,7 +222,7 @@ static void continue_groupdel_name_found(struct rpc_request *req) /* prepare the arguments for rpc call */ s->opengroup.in.domain_handle = &s->domain_handle; - s->opengroup.in.rid = s->lookupname.out.rids.ids[0]; + s->opengroup.in.rid = s->lookupname.out.rids->ids[0]; s->opengroup.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; s->opengroup.out.group_handle = &s->group_handle; diff --git a/source4/libnet/libnet_domain.c b/source4/libnet/libnet_domain.c index ccdfdaf134..eb6920d88e 100644 --- a/source4/libnet/libnet_domain.c +++ b/source4/libnet/libnet_domain.c @@ -40,6 +40,7 @@ struct domain_open_samr_state { uint32_t access_mask; struct policy_handle connect_handle; struct policy_handle domain_handle; + struct dom_sid2 *domain_sid; /* information about the progress */ void (*monitor_fn)(struct monitor_msg*); @@ -159,6 +160,8 @@ static void continue_domain_open_connect(struct rpc_request *req) /* prepare for samr_LookupDomain call */ r->in.connect_handle = &s->connect_handle; r->in.domain_name = &s->domain_name; + r->out.sid = talloc(s, struct dom_sid2 *); + if (composite_nomem(r->out.sid, c)) return; lookup_req = dcerpc_samr_LookupDomain_send(s->pipe, c, r); if (composite_nomem(lookup_req, c)) return; @@ -209,7 +212,7 @@ static void continue_domain_open_lookup(struct rpc_request *req) /* prepare for samr_OpenDomain call */ r->in.connect_handle = &s->connect_handle; r->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r->in.sid = s->lookup.out.sid; + r->in.sid = *s->lookup.out.sid; r->out.domain_handle = &s->domain_handle; opendom_req = dcerpc_samr_OpenDomain_send(s->pipe, c, r); @@ -361,7 +364,7 @@ NTSTATUS libnet_DomainOpenSamr_recv(struct composite_context *c, struct libnet_c libnet functions */ ctx->samr.connect_handle = s->connect_handle; ctx->samr.handle = s->domain_handle; - ctx->samr.sid = talloc_steal(ctx, s->lookup.out.sid); + ctx->samr.sid = talloc_steal(ctx, *s->lookup.out.sid); ctx->samr.name = talloc_steal(ctx, s->domain_name.string); ctx->samr.access_mask = s->access_mask; } @@ -998,6 +1001,10 @@ static void continue_samr_connect(struct rpc_request *req) s->enumdom.in.resume_handle = &s->resume_handle; s->enumdom.in.buf_size = s->buf_size; s->enumdom.out.resume_handle = &s->resume_handle; + s->enumdom.out.num_entries = talloc(s, uint32_t); + if (composite_nomem(s->enumdom.out.num_entries, c)) return; + s->enumdom.out.sam = talloc(s, struct samr_SamArray *); + if (composite_nomem(s->enumdom.out.sam, c)) return; enumdom_req = dcerpc_samr_EnumDomains_send(s->ctx->samr.pipe, c, &s->enumdom); if (composite_nomem(enumdom_req, c)) return; @@ -1113,16 +1120,16 @@ static struct domainlist* get_domain_list(TALLOC_CTX *mem_ctx, struct domain_lis /* prepare domains array */ if (s->domains == NULL) { s->domains = talloc_array(mem_ctx, struct domainlist, - s->enumdom.out.num_entries); + *s->enumdom.out.num_entries); } else { s->domains = talloc_realloc(mem_ctx, s->domains, struct domainlist, - s->count + s->enumdom.out.num_entries); + s->count + *s->enumdom.out.num_entries); } /* copy domain names returned from samr_EnumDomains call */ - for (i = s->count; i < s->count + s->enumdom.out.num_entries; i++) + for (i = s->count; i < s->count + *s->enumdom.out.num_entries; i++) { - struct lsa_String *domain_name = &s->enumdom.out.sam->entries[i - s->count].name; + struct lsa_String *domain_name = &(*s->enumdom.out.sam)->entries[i - s->count].name; /* strdup name as a child of allocated array to make it follow the array in case of talloc_steal or talloc_free */ @@ -1131,7 +1138,7 @@ static struct domainlist* get_domain_list(TALLOC_CTX *mem_ctx, struct domain_lis } /* number of entries returned (domains enumerated) */ - s->count += s->enumdom.out.num_entries; + s->count += *s->enumdom.out.num_entries; return s->domains; } diff --git a/source4/libnet/libnet_group.c b/source4/libnet/libnet_group.c index eded378511..af5fe4d5d3 100644 --- a/source4/libnet/libnet_group.c +++ b/source4/libnet/libnet_group.c @@ -518,6 +518,10 @@ static void continue_domain_queried(struct rpc_request *req) s->group_list.in.max_size = s->page_size; s->group_list.in.resume_handle = &s->resume_index; s->group_list.out.resume_handle = &s->resume_index; + s->group_list.out.num_entries = talloc(s, uint32_t); + if (composite_nomem(s->group_list.out.num_entries, c)) return; + s->group_list.out.sam = talloc(s, struct samr_SamArray *); + if (composite_nomem(s->group_list.out.sam, c)) return; /* send the request */ enum_req = dcerpc_samr_EnumDomainGroups_send(s->ctx->samr.pipe, c, &s->group_list); @@ -549,6 +553,10 @@ static void continue_samr_domain_opened(struct composite_context *ctx) s->group_list.in.max_size = s->page_size; s->group_list.in.resume_handle = &s->resume_index; s->group_list.out.resume_handle = &s->resume_index; + s->group_list.out.num_entries = talloc(s, uint32_t); + if (composite_nomem(s->group_list.out.num_entries, c)) return; + s->group_list.out.sam = talloc(s, struct samr_SamArray *); + if (composite_nomem(s->group_list.out.sam, c)) return; /* send the request */ enum_req = dcerpc_samr_EnumDomainGroups_send(s->ctx->samr.pipe, c, &s->group_list); @@ -587,15 +595,15 @@ static void continue_groups_enumerated(struct rpc_request *req) /* get enumerated accounts counter and resume handle (the latter allows making subsequent call to continue enumeration) */ s->resume_index = *s->group_list.out.resume_handle; - s->count = s->group_list.out.num_entries; + s->count = *s->group_list.out.num_entries; /* prepare returned group accounts array */ - s->groups = talloc_array(c, struct grouplist, s->group_list.out.sam->count); + s->groups = talloc_array(c, struct grouplist, (*s->group_list.out.sam)->count); if (composite_nomem(s->groups, c)) return; - for (i = 0; i < s->group_list.out.sam->count; i++) { + for (i = 0; i < (*s->group_list.out.sam)->count; i++) { struct dom_sid *group_sid; - struct samr_SamEntry *entry = &s->group_list.out.sam->entries[i]; + struct samr_SamEntry *entry = &(*s->group_list.out.sam)->entries[i]; struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid; /* construct group sid from returned rid and queried domain sid */ diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c index 0ed5e8ae26..70fcb4a894 100644 --- a/source4/libnet/libnet_join.c +++ b/source4/libnet/libnet_join.c @@ -444,13 +444,16 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru struct samr_OpenDomain od; struct policy_handle d_handle; struct samr_LookupNames ln; + struct samr_Ids rids, types; struct samr_OpenUser ou; struct samr_CreateUser2 cu; struct policy_handle *u_handle = NULL; struct samr_QueryUserInfo qui; + union samr_UserInfo *uinfo; struct samr_UserInfo21 u_info21; union libnet_SetPassword r2; struct samr_GetUserPwInfo pwp; + struct samr_PwInfo info; struct lsa_String samr_account_name; uint32_t acct_flags, old_acct_flags; @@ -559,9 +562,11 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru if (!connect_with_info->out.domain_sid) { struct lsa_String name; struct samr_LookupDomain l; + struct dom_sid2 *sid = NULL; name.string = connect_with_info->out.domain_name; l.in.connect_handle = &p_handle; l.in.domain_name = &name; + l.out.sid = &sid; status = dcerpc_samr_LookupDomain(samr_pipe, tmp_ctx, &l); if (!NT_STATUS_IS_OK(status)) { @@ -571,7 +576,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru talloc_free(tmp_ctx); return status; } - connect_with_info->out.domain_sid = l.out.sid; + connect_with_info->out.domain_sid = *l.out.sid; } /* prepare samr_OpenDomain */ @@ -611,6 +616,8 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru ln.in.domain_handle = &d_handle; ln.in.num_names = 1; ln.in.names = talloc_array(tmp_ctx, struct lsa_String, 1); + ln.out.rids = &rids; + ln.out.types = &types; if (!ln.in.names) { r->out.error_string = NULL; talloc_free(tmp_ctx); @@ -630,10 +637,10 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru } /* check if we got one RID for the user */ - if (ln.out.rids.count != 1) { + if (ln.out.rids->count != 1) { r->out.error_string = talloc_asprintf(mem_ctx, "samr_LookupNames for [%s] returns %d RIDs", - r->in.account_name, ln.out.rids.count); + r->in.account_name, ln.out.rids->count); talloc_free(tmp_ctx); return NT_STATUS_INVALID_PARAMETER; } @@ -642,7 +649,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru ZERO_STRUCTP(u_handle); ou.in.domain_handle = &d_handle; ou.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - ou.in.rid = ln.out.rids.ids[0]; + ou.in.rid = ln.out.rids->ids[0]; rid = ou.in.rid; ou.out.user_handle = u_handle; @@ -694,6 +701,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru /* prepare samr_QueryUserInfo (get flags) */ qui.in.user_handle = u_handle; qui.in.level = 16; + qui.out.info = &uinfo; status = dcerpc_samr_QueryUserInfo(samr_pipe, tmp_ctx, &qui); if (!NT_STATUS_IS_OK(status)) { @@ -705,7 +713,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru return status; } - if (!qui.out.info) { + if (!uinfo) { status = NT_STATUS_INVALID_PARAMETER; r->out.error_string = talloc_asprintf(mem_ctx, @@ -715,7 +723,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru return status; } - old_acct_flags = (qui.out.info->info16.acct_flags & (ACB_WSTRUST | ACB_SVRTRUST | ACB_DOMTRUST)); + old_acct_flags = (uinfo->info16.acct_flags & (ACB_WSTRUST | ACB_SVRTRUST | ACB_DOMTRUST)); /* Possibly bail if the account is of the wrong type */ if (old_acct_flags != r->in.acct_type) { @@ -771,17 +779,18 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru return NT_STATUS_USER_EXISTS; } } else { - acct_flags = qui.out.info->info16.acct_flags; + acct_flags = uinfo->info16.acct_flags; } acct_flags = (acct_flags & ~(ACB_DISABLED|ACB_PWNOTREQ)); /* Find out what password policy this user has */ pwp.in.user_handle = u_handle; + pwp.out.info = &info; status = dcerpc_samr_GetUserPwInfo(samr_pipe, tmp_ctx, &pwp); if (NT_STATUS_IS_OK(status)) { - policy_min_pw_len = pwp.out.info.min_password_length; + policy_min_pw_len = pwp.out.info->min_password_length; } /* Grab a password of that minimum length */ diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c index de2ed01abd..80de6134b5 100644 --- a/source4/libnet/libnet_passwd.c +++ b/source4/libnet/libnet_passwd.c @@ -50,6 +50,8 @@ static NTSTATUS libnet_ChangePassword_samr(struct libnet_context *ctx, TALLOC_CT struct samr_Password nt_verifier, lm_verifier; uint8_t old_nt_hash[16], new_nt_hash[16]; uint8_t old_lm_hash[16], new_lm_hash[16]; + struct samr_DomInfo1 *dominfo = NULL; + struct samr_ChangeReject *reject = NULL; /* prepare connect to the SAMR pipe of the users domain PDC */ c.level = LIBNET_RPC_CONNECT_PDC; @@ -92,6 +94,8 @@ static NTSTATUS libnet_ChangePassword_samr(struct libnet_context *ctx, TALLOC_CT pw3.in.lm_password = &lm_pass; pw3.in.lm_verifier = &lm_verifier; pw3.in.password3 = NULL; + pw3.out.dominfo = &dominfo; + pw3.out.reject = &reject; /* 2. try samr_ChangePasswordUser3 */ status = dcerpc_samr_ChangePasswordUser3(c.out.dcerpc_pipe, mem_ctx, &pw3); @@ -303,7 +307,7 @@ static NTSTATUS libnet_SetPassword_samr_handle_26(struct libnet_context *ctx, TA /* prepare samr_SetUserInfo2 level 26 */ ZERO_STRUCT(u_info); encode_pw_buffer(u_info.info26.password.data, r->samr_handle.in.newpassword, STR_UNICODE); - u_info.info26.pw_len = strlen(r->samr_handle.in.newpassword); + u_info.info26.password_expired = 0; status = dcerpc_fetch_session_key(r->samr_handle.in.dcerpc_pipe, &session_key); if (!NT_STATUS_IS_OK(status)) { @@ -406,8 +410,7 @@ static NTSTATUS libnet_SetPassword_samr_handle_24(struct libnet_context *ctx, TA /* prepare samr_SetUserInfo2 level 24 */ ZERO_STRUCT(u_info); encode_pw_buffer(u_info.info24.password.data, r->samr_handle.in.newpassword, STR_UNICODE); - /* w2k3 ignores this length */ - u_info.info24.pw_len = strlen_m(r->samr_handle.in.newpassword)*2; + u_info.info24.password_expired = 0; status = dcerpc_fetch_session_key(r->samr_handle.in.dcerpc_pipe, &session_key); if (!NT_STATUS_IS_OK(status)) { @@ -527,10 +530,12 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX * struct samr_Connect sc; struct policy_handle p_handle; struct samr_LookupDomain ld; + struct dom_sid2 *sid = NULL; struct lsa_String d_name; struct samr_OpenDomain od; struct policy_handle d_handle; struct samr_LookupNames ln; + struct samr_Ids rids, types; struct samr_OpenUser ou; struct policy_handle u_handle; union libnet_SetPassword r2; @@ -568,6 +573,7 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX * d_name.string = r->samr.in.domain_name; ld.in.connect_handle = &p_handle; ld.in.domain_name = &d_name; + ld.out.sid = &sid; /* 3. do a samr_LookupDomain to get the domain sid */ status = dcerpc_samr_LookupDomain(c.out.dcerpc_pipe, mem_ctx, &ld); @@ -582,7 +588,7 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX * ZERO_STRUCT(d_handle); od.in.connect_handle = &p_handle; od.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - od.in.sid = ld.out.sid; + od.in.sid = *ld.out.sid; od.out.domain_handle = &d_handle; /* 4. do a samr_OpenDomain to get a domain handle */ @@ -598,6 +604,8 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX * ln.in.domain_handle = &d_handle; ln.in.num_names = 1; ln.in.names = talloc_array(mem_ctx, struct lsa_String, 1); + ln.out.rids = &rids; + ln.out.types = &types; if (!ln.in.names) { r->samr.out.error_string = "Out of Memory"; return NT_STATUS_NO_MEMORY; @@ -614,10 +622,10 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX * } /* check if we got one RID for the user */ - if (ln.out.rids.count != 1) { + if (ln.out.rids->count != 1) { r->samr.out.error_string = talloc_asprintf(mem_ctx, "samr_LookupNames for [%s] returns %d RIDs", - r->samr.in.account_name, ln.out.rids.count); + r->samr.in.account_name, ln.out.rids->count); status = NT_STATUS_INVALID_PARAMETER; goto disconnect; } @@ -626,7 +634,7 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX * ZERO_STRUCT(u_handle); ou.in.domain_handle = &d_handle; ou.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - ou.in.rid = ln.out.rids.ids[0]; + ou.in.rid = ln.out.rids->ids[0]; ou.out.user_handle = &u_handle; /* 6. do a samr_OpenUser to get a user handle */ diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c index 8b7dd1f598..160b4b3e19 100644 --- a/source4/libnet/libnet_samsync_ldb.c +++ b/source4/libnet/libnet_samsync_ldb.c @@ -384,7 +384,11 @@ static NTSTATUS samsync_ldb_handle_user(TALLOC_CTX *mem_ctx, } ADD_OR_DEL(string, "comment", comment.string); - ADD_OR_DEL(string, "userParameters", parameters.string); + + if (samdb_msg_add_parameters(state->sam_ldb, mem_ctx, msg, "userParameters", &user->parameters) != 0) { + return NT_STATUS_NO_MEMORY; + } + ADD_OR_DEL(uint, "countryCode", country_code); ADD_OR_DEL(uint, "codePage", code_page); diff --git a/source4/libnet/libnet_user.c b/source4/libnet/libnet_user.c index c768319452..8606d0856e 100644 --- a/source4/libnet/libnet_user.c +++ b/source4/libnet/libnet_user.c @@ -1032,6 +1032,10 @@ static void continue_domain_queried(struct rpc_request *req) s->user_list.in.resume_handle = &s->resume_index; s->user_list.in.acct_flags = ACB_NORMAL; s->user_list.out.resume_handle = &s->resume_index; + s->user_list.out.num_entries = talloc(s, uint32_t); + if (composite_nomem(s->user_list.out.num_entries, c)) return; + s->user_list.out.sam = talloc(s, struct samr_SamArray *); + if (composite_nomem(s->user_list.out.sam, c)) return; /* send the request */ enum_req = dcerpc_samr_EnumDomainUsers_send(s->ctx->samr.pipe, c, &s->user_list); @@ -1064,6 +1068,10 @@ static void continue_samr_domain_opened(struct composite_context *ctx) s->user_list.in.resume_handle = &s->resume_index; s->user_list.in.acct_flags = ACB_NORMAL; s->user_list.out.resume_handle = &s->resume_index; + s->user_list.out.sam = talloc(s, struct samr_SamArray *); + if (composite_nomem(s->user_list.out.sam, c)) return; + s->user_list.out.num_entries = talloc(s, uint32_t); + if (composite_nomem(s->user_list.out.num_entries, c)) return; /* send the request */ enum_req = dcerpc_samr_EnumDomainUsers_send(s->ctx->samr.pipe, c, &s->user_list); @@ -1102,15 +1110,15 @@ static void continue_users_enumerated(struct rpc_request *req) /* get enumerated accounts counter and resume handle (the latter allows making subsequent call to continue enumeration) */ s->resume_index = *s->user_list.out.resume_handle; - s->count = s->user_list.out.num_entries; + s->count = *s->user_list.out.num_entries; /* prepare returned user accounts array */ - s->users = talloc_array(c, struct userlist, s->user_list.out.sam->count); + s->users = talloc_array(c, struct userlist, (*s->user_list.out.sam)->count); if (composite_nomem(s->users, c)) return; - for (i = 0; i < s->user_list.out.sam->count; i++) { + for (i = 0; i < (*s->user_list.out.sam)->count; i++) { struct dom_sid *user_sid; - struct samr_SamEntry *entry = &s->user_list.out.sam->entries[i]; + struct samr_SamEntry *entry = &(*s->user_list.out.sam)->entries[i]; struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid; /* construct user sid from returned rid and queried domain sid */ diff --git a/source4/libnet/userinfo.c b/source4/libnet/userinfo.c index e8b6b090c7..710154d41e 100644 --- a/source4/libnet/userinfo.c +++ b/source4/libnet/userinfo.c @@ -82,8 +82,8 @@ static void continue_userinfo_lookup(struct rpc_request *req) if (s->monitor_fn) { msg.type = mon_SamrLookupName; msg_lookup = talloc(s, struct msg_rpc_lookup_name); - msg_lookup->rid = s->lookup.out.rids.ids; - msg_lookup->count = s->lookup.out.rids.count; + msg_lookup->rid = s->lookup.out.rids->ids; + msg_lookup->count = s->lookup.out.rids->count; msg.data = (void*)msg_lookup; msg.data_size = sizeof(*msg_lookup); @@ -93,7 +93,7 @@ static void continue_userinfo_lookup(struct rpc_request *req) /* have we actually got name resolved - we're looking for only one at the moment */ - if (s->lookup.out.rids.count == 0) { + if (s->lookup.out.rids->count == 0) { composite_error(c, NT_STATUS_NO_SUCH_USER); } @@ -102,7 +102,7 @@ static void continue_userinfo_lookup(struct rpc_request *req) /* prepare parameters for LookupNames */ s->openuser.in.domain_handle = &s->domain_handle; s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - s->openuser.in.rid = s->lookup.out.rids.ids[0]; + s->openuser.in.rid = s->lookup.out.rids->ids[0]; s->openuser.out.user_handle = &s->user_handle; /* send request */ @@ -151,6 +151,8 @@ static void continue_userinfo_openuser(struct rpc_request *req) /* prepare parameters for QueryUserInfo call */ s->queryuserinfo.in.user_handle = &s->user_handle; s->queryuserinfo.in.level = s->level; + s->queryuserinfo.out.info = talloc(s, union samr_UserInfo *); + if (composite_nomem(s->queryuserinfo.out.info, c)) return; /* queue rpc call, set event handling and new state */ queryuser_req = dcerpc_samr_QueryUserInfo_send(s->pipe, c, &s->queryuserinfo); @@ -184,7 +186,7 @@ static void continue_userinfo_getuser(struct rpc_request *req) return; } - s->info = talloc_steal(s, s->queryuserinfo.out.info); + s->info = talloc_steal(s, *(s->queryuserinfo.out.info)); /* issue a monitor message */ if (s->monitor_fn) { @@ -297,6 +299,10 @@ struct composite_context *libnet_rpc_userinfo_send(struct dcerpc_pipe *p, s->lookup.in.num_names = 1; s->lookup.in.names = talloc_array(s, struct lsa_String, 1); if (composite_nomem(s->lookup.in.names, c)) return c; + s->lookup.out.rids = talloc_zero(s, struct samr_Ids); + s->lookup.out.types = talloc_zero(s, struct samr_Ids); + if (composite_nomem(s->lookup.out.rids, c)) return c; + if (composite_nomem(s->lookup.out.types, c)) return c; s->lookup.in.names[0].string = talloc_strdup(s, io->in.username); if (composite_nomem(s->lookup.in.names[0].string, c)) return c; diff --git a/source4/libnet/userman.c b/source4/libnet/userman.c index 398d9f2cb0..c638d8af32 100644 --- a/source4/libnet/userman.c +++ b/source4/libnet/userman.c @@ -236,12 +236,12 @@ static void continue_userdel_name_found(struct rpc_request *req) /* what to do when there's no user account to delete and what if there's more than one rid resolved */ - if (!s->lookupname.out.rids.count) { + if (!s->lookupname.out.rids->count) { c->status = NT_STATUS_NO_SUCH_USER; composite_error(c, c->status); return; - } else if (!s->lookupname.out.rids.count > 1) { + } else if (!s->lookupname.out.rids->count > 1) { c->status = NT_STATUS_INVALID_ACCOUNT_NAME; composite_error(c, c->status); return; @@ -251,8 +251,8 @@ static void continue_userdel_name_found(struct rpc_request *req) if (s->monitor_fn) { struct msg_rpc_lookup_name msg_lookup; - msg_lookup.rid = s->lookupname.out.rids.ids; - msg_lookup.count = s->lookupname.out.rids.count; + msg_lookup.rid = s->lookupname.out.rids->ids; + msg_lookup.count = s->lookupname.out.rids->count; msg.type = mon_SamrLookupName; msg.data = (void*)&msg_lookup; @@ -262,7 +262,7 @@ static void continue_userdel_name_found(struct rpc_request *req) /* prepare the arguments for rpc call */ s->openuser.in.domain_handle = &s->domain_handle; - s->openuser.in.rid = s->lookupname.out.rids.ids[0]; + s->openuser.in.rid = s->lookupname.out.rids->ids[0]; s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; s->openuser.out.user_handle = &s->user_handle; @@ -393,6 +393,10 @@ struct composite_context *libnet_rpc_userdel_send(struct dcerpc_pipe *p, s->lookupname.in.num_names = 1; s->lookupname.in.names = talloc_zero(s, struct lsa_String); s->lookupname.in.names->string = io->in.username; + s->lookupname.out.rids = talloc_zero(s, struct samr_Ids); + s->lookupname.out.types = talloc_zero(s, struct samr_Ids); + if (composite_nomem(s->lookupname.out.rids, c)) return c; + if (composite_nomem(s->lookupname.out.types, c)) return c; /* send the request */ lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname); @@ -500,12 +504,12 @@ static void continue_usermod_name_found(struct rpc_request *req) /* what to do when there's no user account to delete and what if there's more than one rid resolved */ - if (!s->lookupname.out.rids.count) { + if (!s->lookupname.out.rids->count) { c->status = NT_STATUS_NO_SUCH_USER; composite_error(c, c->status); return; - } else if (!s->lookupname.out.rids.count > 1) { + } else if (!s->lookupname.out.rids->count > 1) { c->status = NT_STATUS_INVALID_ACCOUNT_NAME; composite_error(c, c->status); return; @@ -515,8 +519,8 @@ static void continue_usermod_name_found(struct rpc_request *req) if (s->monitor_fn) { struct msg_rpc_lookup_name msg_lookup; - msg_lookup.rid = s->lookupname.out.rids.ids; - msg_lookup.count = s->lookupname.out.rids.count; + msg_lookup.rid = s->lookupname.out.rids->ids; + msg_lookup.count = s->lookupname.out.rids->count; msg.type = mon_SamrLookupName; msg.data = (void*)&msg_lookup; @@ -526,7 +530,7 @@ static void continue_usermod_name_found(struct rpc_request *req) /* prepare the next rpc call */ s->openuser.in.domain_handle = &s->domain_handle; - s->openuser.in.rid = s->lookupname.out.rids.ids[0]; + s->openuser.in.rid = s->lookupname.out.rids->ids[0]; s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; s->openuser.out.user_handle = &s->user_handle; @@ -679,6 +683,9 @@ static NTSTATUS usermod_change(struct composite_context *c, if (!do_set) { s->queryuser.in.user_handle = &s->user_handle; s->queryuser.in.level = level; + s->queryuser.out.info = talloc(s, union samr_UserInfo *); + if (composite_nomem(s->queryuser.out.info, c)) return; + /* send query user info request to retrieve complete data of a particular info level */ @@ -751,7 +758,7 @@ static void continue_usermod_user_queried(struct rpc_request *req) /* get returned user data and make a change (potentially one of many) */ - s->info = *s->queryuser.out.info; + s->info = *(*s->queryuser.out.info); usermod_setfields(s, &level, i, true); @@ -834,6 +841,10 @@ struct composite_context *libnet_rpc_usermod_send(struct dcerpc_pipe *p, s->lookupname.in.num_names = 1; s->lookupname.in.names = talloc_zero(s, struct lsa_String); s->lookupname.in.names->string = io->in.username; + s->lookupname.out.rids = talloc_zero(s, struct samr_Ids); + s->lookupname.out.types = talloc_zero(s, struct samr_Ids); + if (composite_nomem(s->lookupname.out.rids, c)) return c; + if (composite_nomem(s->lookupname.out.types, c)) return c; /* send the rpc request */ lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname); |