summaryrefslogtreecommitdiff
path: root/source4/libnet
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libnet')
-rw-r--r--source4/libnet/groupinfo.c18
-rw-r--r--source4/libnet/groupman.c10
-rw-r--r--source4/libnet/libnet_domain.c21
-rw-r--r--source4/libnet/libnet_group.c16
-rw-r--r--source4/libnet/libnet_join.c25
-rw-r--r--source4/libnet/libnet_passwd.c22
-rw-r--r--source4/libnet/libnet_samsync_ldb.c6
-rw-r--r--source4/libnet/libnet_user.c16
-rw-r--r--source4/libnet/userinfo.c16
-rw-r--r--source4/libnet/userman.c33
10 files changed, 127 insertions, 56 deletions
diff --git a/source4/libnet/groupinfo.c b/source4/libnet/groupinfo.c
index 1da6646702..5c94c34b1d 100644
--- a/source4/libnet/groupinfo.c
+++ b/source4/libnet/groupinfo.c
@@ -83,8 +83,8 @@ static void continue_groupinfo_lookup(struct rpc_request *req)
if (s->monitor_fn) {
msg.type = mon_SamrLookupName;
msg_lookup = talloc(s, struct msg_rpc_lookup_name);
- msg_lookup->rid = s->lookup.out.rids.ids;
- msg_lookup->count = s->lookup.out.rids.count;
+ msg_lookup->rid = s->lookup.out.rids->ids;
+ msg_lookup->count = s->lookup.out.rids->count;
msg.data = (void*)msg_lookup;
msg.data_size = sizeof(*msg_lookup);
@@ -94,7 +94,7 @@ static void continue_groupinfo_lookup(struct rpc_request *req)
/* have we actually got name resolved
- we're looking for only one at the moment */
- if (s->lookup.out.rids.count == 0) {
+ if (s->lookup.out.rids->count == 0) {
composite_error(c, NT_STATUS_NO_SUCH_USER);
}
@@ -103,7 +103,7 @@ static void continue_groupinfo_lookup(struct rpc_request *req)
/* prepare parameters for LookupNames */
s->opengroup.in.domain_handle = &s->domain_handle;
s->opengroup.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- s->opengroup.in.rid = s->lookup.out.rids.ids[0];
+ s->opengroup.in.rid = s->lookup.out.rids->ids[0];
s->opengroup.out.group_handle = &s->group_handle;
/* send request */
@@ -152,6 +152,8 @@ static void continue_groupinfo_opengroup(struct rpc_request *req)
/* prepare parameters for QueryGroupInfo call */
s->querygroupinfo.in.group_handle = &s->group_handle;
s->querygroupinfo.in.level = s->level;
+ s->querygroupinfo.out.info = talloc(s, union samr_GroupInfo *);
+ if (composite_nomem(s->querygroupinfo.out.info, c)) return;
/* queue rpc call, set event handling and new state */
querygroup_req = dcerpc_samr_QueryGroupInfo_send(s->pipe, c, &s->querygroupinfo);
@@ -185,7 +187,7 @@ static void continue_groupinfo_getgroup(struct rpc_request *req)
return;
}
- s->info = talloc_steal(s, s->querygroupinfo.out.info);
+ s->info = talloc_steal(s, *s->querygroupinfo.out.info);
/* issue a monitor message */
if (s->monitor_fn) {
@@ -301,7 +303,11 @@ struct composite_context *libnet_rpc_groupinfo_send(struct dcerpc_pipe *p,
s->lookup.in.names[0].string = talloc_strdup(s, io->in.groupname);
if (composite_nomem(s->lookup.in.names[0].string, c)) return c;
-
+ s->lookup.out.rids = talloc_zero(s, struct samr_Ids);
+ s->lookup.out.types = talloc_zero(s, struct samr_Ids);
+ if (composite_nomem(s->lookup.out.rids, c)) return c;
+ if (composite_nomem(s->lookup.out.types, c)) return c;
+
/* send request */
lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookup);
if (composite_nomem(lookup_req, c)) return c;
diff --git a/source4/libnet/groupman.c b/source4/libnet/groupman.c
index 58d5742336..4dfb2d8aab 100644
--- a/source4/libnet/groupman.c
+++ b/source4/libnet/groupman.c
@@ -174,6 +174,10 @@ struct composite_context* libnet_rpc_groupdel_send(struct dcerpc_pipe *p,
s->lookupname.in.num_names = 1;
s->lookupname.in.names = talloc_zero(s, struct lsa_String);
s->lookupname.in.names->string = io->in.groupname;
+ s->lookupname.out.rids = talloc_zero(s, struct samr_Ids);
+ s->lookupname.out.types = talloc_zero(s, struct samr_Ids);
+ if (composite_nomem(s->lookupname.out.rids, c)) return c;
+ if (composite_nomem(s->lookupname.out.types, c)) return c;
/* send the request */
lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);
@@ -205,12 +209,12 @@ static void continue_groupdel_name_found(struct rpc_request *req)
/* what to do when there's no group account to delete
and what if there's more than one rid resolved */
- if (!s->lookupname.out.rids.count) {
+ if (!s->lookupname.out.rids->count) {
c->status = NT_STATUS_NO_SUCH_GROUP;
composite_error(c, c->status);
return;
- } else if (!s->lookupname.out.rids.count > 1) {
+ } else if (!s->lookupname.out.rids->count > 1) {
c->status = NT_STATUS_INVALID_ACCOUNT_NAME;
composite_error(c, c->status);
return;
@@ -218,7 +222,7 @@ static void continue_groupdel_name_found(struct rpc_request *req)
/* prepare the arguments for rpc call */
s->opengroup.in.domain_handle = &s->domain_handle;
- s->opengroup.in.rid = s->lookupname.out.rids.ids[0];
+ s->opengroup.in.rid = s->lookupname.out.rids->ids[0];
s->opengroup.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->opengroup.out.group_handle = &s->group_handle;
diff --git a/source4/libnet/libnet_domain.c b/source4/libnet/libnet_domain.c
index ccdfdaf134..eb6920d88e 100644
--- a/source4/libnet/libnet_domain.c
+++ b/source4/libnet/libnet_domain.c
@@ -40,6 +40,7 @@ struct domain_open_samr_state {
uint32_t access_mask;
struct policy_handle connect_handle;
struct policy_handle domain_handle;
+ struct dom_sid2 *domain_sid;
/* information about the progress */
void (*monitor_fn)(struct monitor_msg*);
@@ -159,6 +160,8 @@ static void continue_domain_open_connect(struct rpc_request *req)
/* prepare for samr_LookupDomain call */
r->in.connect_handle = &s->connect_handle;
r->in.domain_name = &s->domain_name;
+ r->out.sid = talloc(s, struct dom_sid2 *);
+ if (composite_nomem(r->out.sid, c)) return;
lookup_req = dcerpc_samr_LookupDomain_send(s->pipe, c, r);
if (composite_nomem(lookup_req, c)) return;
@@ -209,7 +212,7 @@ static void continue_domain_open_lookup(struct rpc_request *req)
/* prepare for samr_OpenDomain call */
r->in.connect_handle = &s->connect_handle;
r->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- r->in.sid = s->lookup.out.sid;
+ r->in.sid = *s->lookup.out.sid;
r->out.domain_handle = &s->domain_handle;
opendom_req = dcerpc_samr_OpenDomain_send(s->pipe, c, r);
@@ -361,7 +364,7 @@ NTSTATUS libnet_DomainOpenSamr_recv(struct composite_context *c, struct libnet_c
libnet functions */
ctx->samr.connect_handle = s->connect_handle;
ctx->samr.handle = s->domain_handle;
- ctx->samr.sid = talloc_steal(ctx, s->lookup.out.sid);
+ ctx->samr.sid = talloc_steal(ctx, *s->lookup.out.sid);
ctx->samr.name = talloc_steal(ctx, s->domain_name.string);
ctx->samr.access_mask = s->access_mask;
}
@@ -998,6 +1001,10 @@ static void continue_samr_connect(struct rpc_request *req)
s->enumdom.in.resume_handle = &s->resume_handle;
s->enumdom.in.buf_size = s->buf_size;
s->enumdom.out.resume_handle = &s->resume_handle;
+ s->enumdom.out.num_entries = talloc(s, uint32_t);
+ if (composite_nomem(s->enumdom.out.num_entries, c)) return;
+ s->enumdom.out.sam = talloc(s, struct samr_SamArray *);
+ if (composite_nomem(s->enumdom.out.sam, c)) return;
enumdom_req = dcerpc_samr_EnumDomains_send(s->ctx->samr.pipe, c, &s->enumdom);
if (composite_nomem(enumdom_req, c)) return;
@@ -1113,16 +1120,16 @@ static struct domainlist* get_domain_list(TALLOC_CTX *mem_ctx, struct domain_lis
/* prepare domains array */
if (s->domains == NULL) {
s->domains = talloc_array(mem_ctx, struct domainlist,
- s->enumdom.out.num_entries);
+ *s->enumdom.out.num_entries);
} else {
s->domains = talloc_realloc(mem_ctx, s->domains, struct domainlist,
- s->count + s->enumdom.out.num_entries);
+ s->count + *s->enumdom.out.num_entries);
}
/* copy domain names returned from samr_EnumDomains call */
- for (i = s->count; i < s->count + s->enumdom.out.num_entries; i++)
+ for (i = s->count; i < s->count + *s->enumdom.out.num_entries; i++)
{
- struct lsa_String *domain_name = &s->enumdom.out.sam->entries[i - s->count].name;
+ struct lsa_String *domain_name = &(*s->enumdom.out.sam)->entries[i - s->count].name;
/* strdup name as a child of allocated array to make it follow the array
in case of talloc_steal or talloc_free */
@@ -1131,7 +1138,7 @@ static struct domainlist* get_domain_list(TALLOC_CTX *mem_ctx, struct domain_lis
}
/* number of entries returned (domains enumerated) */
- s->count += s->enumdom.out.num_entries;
+ s->count += *s->enumdom.out.num_entries;
return s->domains;
}
diff --git a/source4/libnet/libnet_group.c b/source4/libnet/libnet_group.c
index eded378511..af5fe4d5d3 100644
--- a/source4/libnet/libnet_group.c
+++ b/source4/libnet/libnet_group.c
@@ -518,6 +518,10 @@ static void continue_domain_queried(struct rpc_request *req)
s->group_list.in.max_size = s->page_size;
s->group_list.in.resume_handle = &s->resume_index;
s->group_list.out.resume_handle = &s->resume_index;
+ s->group_list.out.num_entries = talloc(s, uint32_t);
+ if (composite_nomem(s->group_list.out.num_entries, c)) return;
+ s->group_list.out.sam = talloc(s, struct samr_SamArray *);
+ if (composite_nomem(s->group_list.out.sam, c)) return;
/* send the request */
enum_req = dcerpc_samr_EnumDomainGroups_send(s->ctx->samr.pipe, c, &s->group_list);
@@ -549,6 +553,10 @@ static void continue_samr_domain_opened(struct composite_context *ctx)
s->group_list.in.max_size = s->page_size;
s->group_list.in.resume_handle = &s->resume_index;
s->group_list.out.resume_handle = &s->resume_index;
+ s->group_list.out.num_entries = talloc(s, uint32_t);
+ if (composite_nomem(s->group_list.out.num_entries, c)) return;
+ s->group_list.out.sam = talloc(s, struct samr_SamArray *);
+ if (composite_nomem(s->group_list.out.sam, c)) return;
/* send the request */
enum_req = dcerpc_samr_EnumDomainGroups_send(s->ctx->samr.pipe, c, &s->group_list);
@@ -587,15 +595,15 @@ static void continue_groups_enumerated(struct rpc_request *req)
/* get enumerated accounts counter and resume handle (the latter allows
making subsequent call to continue enumeration) */
s->resume_index = *s->group_list.out.resume_handle;
- s->count = s->group_list.out.num_entries;
+ s->count = *s->group_list.out.num_entries;
/* prepare returned group accounts array */
- s->groups = talloc_array(c, struct grouplist, s->group_list.out.sam->count);
+ s->groups = talloc_array(c, struct grouplist, (*s->group_list.out.sam)->count);
if (composite_nomem(s->groups, c)) return;
- for (i = 0; i < s->group_list.out.sam->count; i++) {
+ for (i = 0; i < (*s->group_list.out.sam)->count; i++) {
struct dom_sid *group_sid;
- struct samr_SamEntry *entry = &s->group_list.out.sam->entries[i];
+ struct samr_SamEntry *entry = &(*s->group_list.out.sam)->entries[i];
struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid;
/* construct group sid from returned rid and queried domain sid */
diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
index 0ed5e8ae26..70fcb4a894 100644
--- a/source4/libnet/libnet_join.c
+++ b/source4/libnet/libnet_join.c
@@ -444,13 +444,16 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
struct samr_OpenDomain od;
struct policy_handle d_handle;
struct samr_LookupNames ln;
+ struct samr_Ids rids, types;
struct samr_OpenUser ou;
struct samr_CreateUser2 cu;
struct policy_handle *u_handle = NULL;
struct samr_QueryUserInfo qui;
+ union samr_UserInfo *uinfo;
struct samr_UserInfo21 u_info21;
union libnet_SetPassword r2;
struct samr_GetUserPwInfo pwp;
+ struct samr_PwInfo info;
struct lsa_String samr_account_name;
uint32_t acct_flags, old_acct_flags;
@@ -559,9 +562,11 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
if (!connect_with_info->out.domain_sid) {
struct lsa_String name;
struct samr_LookupDomain l;
+ struct dom_sid2 *sid = NULL;
name.string = connect_with_info->out.domain_name;
l.in.connect_handle = &p_handle;
l.in.domain_name = &name;
+ l.out.sid = &sid;
status = dcerpc_samr_LookupDomain(samr_pipe, tmp_ctx, &l);
if (!NT_STATUS_IS_OK(status)) {
@@ -571,7 +576,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
talloc_free(tmp_ctx);
return status;
}
- connect_with_info->out.domain_sid = l.out.sid;
+ connect_with_info->out.domain_sid = *l.out.sid;
}
/* prepare samr_OpenDomain */
@@ -611,6 +616,8 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
ln.in.domain_handle = &d_handle;
ln.in.num_names = 1;
ln.in.names = talloc_array(tmp_ctx, struct lsa_String, 1);
+ ln.out.rids = &rids;
+ ln.out.types = &types;
if (!ln.in.names) {
r->out.error_string = NULL;
talloc_free(tmp_ctx);
@@ -630,10 +637,10 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
}
/* check if we got one RID for the user */
- if (ln.out.rids.count != 1) {
+ if (ln.out.rids->count != 1) {
r->out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupNames for [%s] returns %d RIDs",
- r->in.account_name, ln.out.rids.count);
+ r->in.account_name, ln.out.rids->count);
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_PARAMETER;
}
@@ -642,7 +649,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
ZERO_STRUCTP(u_handle);
ou.in.domain_handle = &d_handle;
ou.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- ou.in.rid = ln.out.rids.ids[0];
+ ou.in.rid = ln.out.rids->ids[0];
rid = ou.in.rid;
ou.out.user_handle = u_handle;
@@ -694,6 +701,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
/* prepare samr_QueryUserInfo (get flags) */
qui.in.user_handle = u_handle;
qui.in.level = 16;
+ qui.out.info = &uinfo;
status = dcerpc_samr_QueryUserInfo(samr_pipe, tmp_ctx, &qui);
if (!NT_STATUS_IS_OK(status)) {
@@ -705,7 +713,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
return status;
}
- if (!qui.out.info) {
+ if (!uinfo) {
status = NT_STATUS_INVALID_PARAMETER;
r->out.error_string
= talloc_asprintf(mem_ctx,
@@ -715,7 +723,7 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
return status;
}
- old_acct_flags = (qui.out.info->info16.acct_flags & (ACB_WSTRUST | ACB_SVRTRUST | ACB_DOMTRUST));
+ old_acct_flags = (uinfo->info16.acct_flags & (ACB_WSTRUST | ACB_SVRTRUST | ACB_DOMTRUST));
/* Possibly bail if the account is of the wrong type */
if (old_acct_flags
!= r->in.acct_type) {
@@ -771,17 +779,18 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
return NT_STATUS_USER_EXISTS;
}
} else {
- acct_flags = qui.out.info->info16.acct_flags;
+ acct_flags = uinfo->info16.acct_flags;
}
acct_flags = (acct_flags & ~(ACB_DISABLED|ACB_PWNOTREQ));
/* Find out what password policy this user has */
pwp.in.user_handle = u_handle;
+ pwp.out.info = &info;
status = dcerpc_samr_GetUserPwInfo(samr_pipe, tmp_ctx, &pwp);
if (NT_STATUS_IS_OK(status)) {
- policy_min_pw_len = pwp.out.info.min_password_length;
+ policy_min_pw_len = pwp.out.info->min_password_length;
}
/* Grab a password of that minimum length */
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
index de2ed01abd..80de6134b5 100644
--- a/source4/libnet/libnet_passwd.c
+++ b/source4/libnet/libnet_passwd.c
@@ -50,6 +50,8 @@ static NTSTATUS libnet_ChangePassword_samr(struct libnet_context *ctx, TALLOC_CT
struct samr_Password nt_verifier, lm_verifier;
uint8_t old_nt_hash[16], new_nt_hash[16];
uint8_t old_lm_hash[16], new_lm_hash[16];
+ struct samr_DomInfo1 *dominfo = NULL;
+ struct samr_ChangeReject *reject = NULL;
/* prepare connect to the SAMR pipe of the users domain PDC */
c.level = LIBNET_RPC_CONNECT_PDC;
@@ -92,6 +94,8 @@ static NTSTATUS libnet_ChangePassword_samr(struct libnet_context *ctx, TALLOC_CT
pw3.in.lm_password = &lm_pass;
pw3.in.lm_verifier = &lm_verifier;
pw3.in.password3 = NULL;
+ pw3.out.dominfo = &dominfo;
+ pw3.out.reject = &reject;
/* 2. try samr_ChangePasswordUser3 */
status = dcerpc_samr_ChangePasswordUser3(c.out.dcerpc_pipe, mem_ctx, &pw3);
@@ -303,7 +307,7 @@ static NTSTATUS libnet_SetPassword_samr_handle_26(struct libnet_context *ctx, TA
/* prepare samr_SetUserInfo2 level 26 */
ZERO_STRUCT(u_info);
encode_pw_buffer(u_info.info26.password.data, r->samr_handle.in.newpassword, STR_UNICODE);
- u_info.info26.pw_len = strlen(r->samr_handle.in.newpassword);
+ u_info.info26.password_expired = 0;
status = dcerpc_fetch_session_key(r->samr_handle.in.dcerpc_pipe, &session_key);
if (!NT_STATUS_IS_OK(status)) {
@@ -406,8 +410,7 @@ static NTSTATUS libnet_SetPassword_samr_handle_24(struct libnet_context *ctx, TA
/* prepare samr_SetUserInfo2 level 24 */
ZERO_STRUCT(u_info);
encode_pw_buffer(u_info.info24.password.data, r->samr_handle.in.newpassword, STR_UNICODE);
- /* w2k3 ignores this length */
- u_info.info24.pw_len = strlen_m(r->samr_handle.in.newpassword)*2;
+ u_info.info24.password_expired = 0;
status = dcerpc_fetch_session_key(r->samr_handle.in.dcerpc_pipe, &session_key);
if (!NT_STATUS_IS_OK(status)) {
@@ -527,10 +530,12 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *
struct samr_Connect sc;
struct policy_handle p_handle;
struct samr_LookupDomain ld;
+ struct dom_sid2 *sid = NULL;
struct lsa_String d_name;
struct samr_OpenDomain od;
struct policy_handle d_handle;
struct samr_LookupNames ln;
+ struct samr_Ids rids, types;
struct samr_OpenUser ou;
struct policy_handle u_handle;
union libnet_SetPassword r2;
@@ -568,6 +573,7 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *
d_name.string = r->samr.in.domain_name;
ld.in.connect_handle = &p_handle;
ld.in.domain_name = &d_name;
+ ld.out.sid = &sid;
/* 3. do a samr_LookupDomain to get the domain sid */
status = dcerpc_samr_LookupDomain(c.out.dcerpc_pipe, mem_ctx, &ld);
@@ -582,7 +588,7 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *
ZERO_STRUCT(d_handle);
od.in.connect_handle = &p_handle;
od.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- od.in.sid = ld.out.sid;
+ od.in.sid = *ld.out.sid;
od.out.domain_handle = &d_handle;
/* 4. do a samr_OpenDomain to get a domain handle */
@@ -598,6 +604,8 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *
ln.in.domain_handle = &d_handle;
ln.in.num_names = 1;
ln.in.names = talloc_array(mem_ctx, struct lsa_String, 1);
+ ln.out.rids = &rids;
+ ln.out.types = &types;
if (!ln.in.names) {
r->samr.out.error_string = "Out of Memory";
return NT_STATUS_NO_MEMORY;
@@ -614,10 +622,10 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *
}
/* check if we got one RID for the user */
- if (ln.out.rids.count != 1) {
+ if (ln.out.rids->count != 1) {
r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupNames for [%s] returns %d RIDs",
- r->samr.in.account_name, ln.out.rids.count);
+ r->samr.in.account_name, ln.out.rids->count);
status = NT_STATUS_INVALID_PARAMETER;
goto disconnect;
}
@@ -626,7 +634,7 @@ static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *
ZERO_STRUCT(u_handle);
ou.in.domain_handle = &d_handle;
ou.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- ou.in.rid = ln.out.rids.ids[0];
+ ou.in.rid = ln.out.rids->ids[0];
ou.out.user_handle = &u_handle;
/* 6. do a samr_OpenUser to get a user handle */
diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
index 8b7dd1f598..160b4b3e19 100644
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@@ -384,7 +384,11 @@ static NTSTATUS samsync_ldb_handle_user(TALLOC_CTX *mem_ctx,
}
ADD_OR_DEL(string, "comment", comment.string);
- ADD_OR_DEL(string, "userParameters", parameters.string);
+
+ if (samdb_msg_add_parameters(state->sam_ldb, mem_ctx, msg, "userParameters", &user->parameters) != 0) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
ADD_OR_DEL(uint, "countryCode", country_code);
ADD_OR_DEL(uint, "codePage", code_page);
diff --git a/source4/libnet/libnet_user.c b/source4/libnet/libnet_user.c
index c768319452..8606d0856e 100644
--- a/source4/libnet/libnet_user.c
+++ b/source4/libnet/libnet_user.c
@@ -1032,6 +1032,10 @@ static void continue_domain_queried(struct rpc_request *req)
s->user_list.in.resume_handle = &s->resume_index;
s->user_list.in.acct_flags = ACB_NORMAL;
s->user_list.out.resume_handle = &s->resume_index;
+ s->user_list.out.num_entries = talloc(s, uint32_t);
+ if (composite_nomem(s->user_list.out.num_entries, c)) return;
+ s->user_list.out.sam = talloc(s, struct samr_SamArray *);
+ if (composite_nomem(s->user_list.out.sam, c)) return;
/* send the request */
enum_req = dcerpc_samr_EnumDomainUsers_send(s->ctx->samr.pipe, c, &s->user_list);
@@ -1064,6 +1068,10 @@ static void continue_samr_domain_opened(struct composite_context *ctx)
s->user_list.in.resume_handle = &s->resume_index;
s->user_list.in.acct_flags = ACB_NORMAL;
s->user_list.out.resume_handle = &s->resume_index;
+ s->user_list.out.sam = talloc(s, struct samr_SamArray *);
+ if (composite_nomem(s->user_list.out.sam, c)) return;
+ s->user_list.out.num_entries = talloc(s, uint32_t);
+ if (composite_nomem(s->user_list.out.num_entries, c)) return;
/* send the request */
enum_req = dcerpc_samr_EnumDomainUsers_send(s->ctx->samr.pipe, c, &s->user_list);
@@ -1102,15 +1110,15 @@ static void continue_users_enumerated(struct rpc_request *req)
/* get enumerated accounts counter and resume handle (the latter allows
making subsequent call to continue enumeration) */
s->resume_index = *s->user_list.out.resume_handle;
- s->count = s->user_list.out.num_entries;
+ s->count = *s->user_list.out.num_entries;
/* prepare returned user accounts array */
- s->users = talloc_array(c, struct userlist, s->user_list.out.sam->count);
+ s->users = talloc_array(c, struct userlist, (*s->user_list.out.sam)->count);
if (composite_nomem(s->users, c)) return;
- for (i = 0; i < s->user_list.out.sam->count; i++) {
+ for (i = 0; i < (*s->user_list.out.sam)->count; i++) {
struct dom_sid *user_sid;
- struct samr_SamEntry *entry = &s->user_list.out.sam->entries[i];
+ struct samr_SamEntry *entry = &(*s->user_list.out.sam)->entries[i];
struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid;
/* construct user sid from returned rid and queried domain sid */
diff --git a/source4/libnet/userinfo.c b/source4/libnet/userinfo.c
index e8b6b090c7..710154d41e 100644
--- a/source4/libnet/userinfo.c
+++ b/source4/libnet/userinfo.c
@@ -82,8 +82,8 @@ static void continue_userinfo_lookup(struct rpc_request *req)
if (s->monitor_fn) {
msg.type = mon_SamrLookupName;
msg_lookup = talloc(s, struct msg_rpc_lookup_name);
- msg_lookup->rid = s->lookup.out.rids.ids;
- msg_lookup->count = s->lookup.out.rids.count;
+ msg_lookup->rid = s->lookup.out.rids->ids;
+ msg_lookup->count = s->lookup.out.rids->count;
msg.data = (void*)msg_lookup;
msg.data_size = sizeof(*msg_lookup);
@@ -93,7 +93,7 @@ static void continue_userinfo_lookup(struct rpc_request *req)
/* have we actually got name resolved
- we're looking for only one at the moment */
- if (s->lookup.out.rids.count == 0) {
+ if (s->lookup.out.rids->count == 0) {
composite_error(c, NT_STATUS_NO_SUCH_USER);
}
@@ -102,7 +102,7 @@ static void continue_userinfo_lookup(struct rpc_request *req)
/* prepare parameters for LookupNames */
s->openuser.in.domain_handle = &s->domain_handle;
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- s->openuser.in.rid = s->lookup.out.rids.ids[0];
+ s->openuser.in.rid = s->lookup.out.rids->ids[0];
s->openuser.out.user_handle = &s->user_handle;
/* send request */
@@ -151,6 +151,8 @@ static void continue_userinfo_openuser(struct rpc_request *req)
/* prepare parameters for QueryUserInfo call */
s->queryuserinfo.in.user_handle = &s->user_handle;
s->queryuserinfo.in.level = s->level;
+ s->queryuserinfo.out.info = talloc(s, union samr_UserInfo *);
+ if (composite_nomem(s->queryuserinfo.out.info, c)) return;
/* queue rpc call, set event handling and new state */
queryuser_req = dcerpc_samr_QueryUserInfo_send(s->pipe, c, &s->queryuserinfo);
@@ -184,7 +186,7 @@ static void continue_userinfo_getuser(struct rpc_request *req)
return;
}
- s->info = talloc_steal(s, s->queryuserinfo.out.info);
+ s->info = talloc_steal(s, *(s->queryuserinfo.out.info));
/* issue a monitor message */
if (s->monitor_fn) {
@@ -297,6 +299,10 @@ struct composite_context *libnet_rpc_userinfo_send(struct dcerpc_pipe *p,
s->lookup.in.num_names = 1;
s->lookup.in.names = talloc_array(s, struct lsa_String, 1);
if (composite_nomem(s->lookup.in.names, c)) return c;
+ s->lookup.out.rids = talloc_zero(s, struct samr_Ids);
+ s->lookup.out.types = talloc_zero(s, struct samr_Ids);
+ if (composite_nomem(s->lookup.out.rids, c)) return c;
+ if (composite_nomem(s->lookup.out.types, c)) return c;
s->lookup.in.names[0].string = talloc_strdup(s, io->in.username);
if (composite_nomem(s->lookup.in.names[0].string, c)) return c;
diff --git a/source4/libnet/userman.c b/source4/libnet/userman.c
index 398d9f2cb0..c638d8af32 100644
--- a/source4/libnet/userman.c
+++ b/source4/libnet/userman.c
@@ -236,12 +236,12 @@ static void continue_userdel_name_found(struct rpc_request *req)
/* what to do when there's no user account to delete
and what if there's more than one rid resolved */
- if (!s->lookupname.out.rids.count) {
+ if (!s->lookupname.out.rids->count) {
c->status = NT_STATUS_NO_SUCH_USER;
composite_error(c, c->status);
return;
- } else if (!s->lookupname.out.rids.count > 1) {
+ } else if (!s->lookupname.out.rids->count > 1) {
c->status = NT_STATUS_INVALID_ACCOUNT_NAME;
composite_error(c, c->status);
return;
@@ -251,8 +251,8 @@ static void continue_userdel_name_found(struct rpc_request *req)
if (s->monitor_fn) {
struct msg_rpc_lookup_name msg_lookup;
- msg_lookup.rid = s->lookupname.out.rids.ids;
- msg_lookup.count = s->lookupname.out.rids.count;
+ msg_lookup.rid = s->lookupname.out.rids->ids;
+ msg_lookup.count = s->lookupname.out.rids->count;
msg.type = mon_SamrLookupName;
msg.data = (void*)&msg_lookup;
@@ -262,7 +262,7 @@ static void continue_userdel_name_found(struct rpc_request *req)
/* prepare the arguments for rpc call */
s->openuser.in.domain_handle = &s->domain_handle;
- s->openuser.in.rid = s->lookupname.out.rids.ids[0];
+ s->openuser.in.rid = s->lookupname.out.rids->ids[0];
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.out.user_handle = &s->user_handle;
@@ -393,6 +393,10 @@ struct composite_context *libnet_rpc_userdel_send(struct dcerpc_pipe *p,
s->lookupname.in.num_names = 1;
s->lookupname.in.names = talloc_zero(s, struct lsa_String);
s->lookupname.in.names->string = io->in.username;
+ s->lookupname.out.rids = talloc_zero(s, struct samr_Ids);
+ s->lookupname.out.types = talloc_zero(s, struct samr_Ids);
+ if (composite_nomem(s->lookupname.out.rids, c)) return c;
+ if (composite_nomem(s->lookupname.out.types, c)) return c;
/* send the request */
lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);
@@ -500,12 +504,12 @@ static void continue_usermod_name_found(struct rpc_request *req)
/* what to do when there's no user account to delete
and what if there's more than one rid resolved */
- if (!s->lookupname.out.rids.count) {
+ if (!s->lookupname.out.rids->count) {
c->status = NT_STATUS_NO_SUCH_USER;
composite_error(c, c->status);
return;
- } else if (!s->lookupname.out.rids.count > 1) {
+ } else if (!s->lookupname.out.rids->count > 1) {
c->status = NT_STATUS_INVALID_ACCOUNT_NAME;
composite_error(c, c->status);
return;
@@ -515,8 +519,8 @@ static void continue_usermod_name_found(struct rpc_request *req)
if (s->monitor_fn) {
struct msg_rpc_lookup_name msg_lookup;
- msg_lookup.rid = s->lookupname.out.rids.ids;
- msg_lookup.count = s->lookupname.out.rids.count;
+ msg_lookup.rid = s->lookupname.out.rids->ids;
+ msg_lookup.count = s->lookupname.out.rids->count;
msg.type = mon_SamrLookupName;
msg.data = (void*)&msg_lookup;
@@ -526,7 +530,7 @@ static void continue_usermod_name_found(struct rpc_request *req)
/* prepare the next rpc call */
s->openuser.in.domain_handle = &s->domain_handle;
- s->openuser.in.rid = s->lookupname.out.rids.ids[0];
+ s->openuser.in.rid = s->lookupname.out.rids->ids[0];
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.out.user_handle = &s->user_handle;
@@ -679,6 +683,9 @@ static NTSTATUS usermod_change(struct composite_context *c,
if (!do_set) {
s->queryuser.in.user_handle = &s->user_handle;
s->queryuser.in.level = level;
+ s->queryuser.out.info = talloc(s, union samr_UserInfo *);
+ if (composite_nomem(s->queryuser.out.info, c)) return;
+
/* send query user info request to retrieve complete data of
a particular info level */
@@ -751,7 +758,7 @@ static void continue_usermod_user_queried(struct rpc_request *req)
/* get returned user data and make a change (potentially one
of many) */
- s->info = *s->queryuser.out.info;
+ s->info = *(*s->queryuser.out.info);
usermod_setfields(s, &level, i, true);
@@ -834,6 +841,10 @@ struct composite_context *libnet_rpc_usermod_send(struct dcerpc_pipe *p,
s->lookupname.in.num_names = 1;
s->lookupname.in.names = talloc_zero(s, struct lsa_String);
s->lookupname.in.names->string = io->in.username;
+ s->lookupname.out.rids = talloc_zero(s, struct samr_Ids);
+ s->lookupname.out.types = talloc_zero(s, struct samr_Ids);
+ if (composite_nomem(s->lookupname.out.rids, c)) return c;
+ if (composite_nomem(s->lookupname.out.types, c)) return c;
/* send the rpc request */
lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);