From 59d4087160ba41aac724722dc29c4b6e4e3b69b0 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 25 Nov 1998 19:57:04 +0000 Subject: LsaLookupNames client call (first used as lookupnames command in rpcclient). (This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59) --- source3/include/proto.h | 17 +++-- source3/include/rpc_lsa.h | 43 ++++++------- source3/include/rpc_misc.h | 21 +++---- source3/lsarpcd/srv_lsa.c | 24 ++++---- source3/passdb/passdb.c | 52 +++++++++------- source3/rpc_client/cli_lsarpc.c | 133 ++++++++++++++++++++++++++++++++++++++-- source3/rpc_parse/parse_lsa.c | 66 +++++++++++++++----- source3/rpc_parse/parse_misc.c | 11 +--- source3/rpc_server/srv_lsa.c | 24 ++++---- source3/rpc_server/srv_sid.c | 14 +++-- source3/rpcclient/cmd_lsarpc.c | 92 ++++++++++++++++++++++++++- source3/rpcclient/rpcclient.c | 1 + source3/smbd/groupname.c | 13 +--- 13 files changed, 380 insertions(+), 131 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 33c734a210..6fbc2d3192 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1252,11 +1252,11 @@ BOOL pm_process( char *FileName, /*The following definitions come from passdb/ldap.c */ -struct passdb_ops *ldap_initialize_password_db(void); +struct passdb_ops *ldap_initialise_password_db(void); /*The following definitions come from passdb/nispass.c */ -struct passdb_ops *nisplus_initialize_password_db(void); +struct passdb_ops *nisplus_initialise_password_db(void); /*The following definitions come from passdb/pass_check.c */ @@ -1412,6 +1412,12 @@ BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr); BOOL do_lsa_open_policy(struct cli_state *cli, char *server_name, POLICY_HND *hnd, BOOL sec_qos); +BOOL do_lsa_lookup_names(struct cli_state *cli, + POLICY_HND *hnd, + int num_names, + char **names, + DOM_SID **sids, + int *num_sids); BOOL do_lsa_lookup_sids(struct cli_state *cli, POLICY_HND *hnd, int num_sids, @@ -1591,8 +1597,10 @@ void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, uint16 level); void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth); void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth); -void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth); -void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, int depth); +void make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd, + int num_names, char **names); +void lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth); +void lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth); void make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd); void lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth); void lsa_io_r_close(char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth); @@ -2283,6 +2291,7 @@ BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data); /*The following definitions come from rpcclient/cmd_lsarpc.c */ void cmd_lsa_query_info(struct client_info *info); +void cmd_lsa_lookup_names(struct client_info *info); void cmd_lsa_lookup_sids(struct client_info *info); /*The following definitions come from rpcclient/cmd_netlogon.c */ diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index b8aaa562f0..1df18a7674 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -48,9 +48,6 @@ enum SID_NAME_USE #define LSA_OPENPOLICY2 0x2c #define LSA_OPENSECRET 0x1C -/* XXXX these are here to get a compile! */ -#define LSA_LOOKUPRIDS 0xFD - #define LSA_MAX_GROUPS 32 #define LSA_MAX_SIDS 32 @@ -290,37 +287,37 @@ typedef struct lsa_r_lookup_sids } LSA_R_LOOKUP_SIDS; -#define UNKNOWN_LEN 1 - -/* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */ -typedef struct lsa_q_lookup_rids +/* LSA_Q_LOOKUP_NAMES - LSA Lookup NAMEs */ +typedef struct lsa_q_lookup_names { POLICY_HND pol; /* policy handle */ uint32 num_entries; uint32 num_entries2; - uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */ - uint32 buffer_dom_name; /* undocumented domain name buffer pointer */ - UNISTR3 lookup_name[MAX_LOOKUP_SIDS]; /* names to be looked up */ - uint8 undoc[UNKNOWN_LEN]; /* completely undocumented bytes of unknown length */ + UNIHDR hdr_name[MAX_LOOKUP_SIDS]; /* name buffer pointers */ + UNISTR2 uni_name[MAX_LOOKUP_SIDS]; /* names to be looked up */ -} LSA_Q_LOOKUP_RIDS; + uint32 num_trans_entries; + uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */ + uint32 lookup_level; + uint32 mapped_count; -/* LSA_R_LOOKUP_RIDS - response to LSA Lookup RIDs by name */ -typedef struct lsa_r_lookup_rids -{ - DOM_R_REF dom_ref; /* domain reference info */ +} LSA_Q_LOOKUP_NAMES; - uint32 num_entries; - uint32 undoc_buffer; /* undocumented buffer pointer */ +/* LSA_R_LOOKUP_NAMES - response to LSA Lookup NAMEs by name */ +typedef struct lsa_r_lookup_names +{ + DOM_R_REF *dom_ref; /* domain reference info */ - uint32 num_entries2; - DOM_RID2 dom_rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */ + uint32 num_entries; + uint32 undoc_buffer; /* undocumented buffer pointer */ + uint32 num_entries2; + DOM_RID2 *dom_rid; /* domain RIDs being looked up */ - uint32 num_entries3; + uint32 mapped_count; - uint32 status; /* return code */ + uint32 status; /* return code */ -} LSA_R_LOOKUP_RIDS; +} LSA_R_LOOKUP_NAMES; #endif /* _RPC_LSA_H */ diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index aa1f100dfb..786aad32d2 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -188,29 +188,28 @@ typedef struct unistr3_info /* DOM_RID2 - domain RID structure for ntlsa pipe */ typedef struct domrid2_info { - uint32 type; /* value is 5 */ - uint32 undoc; /* value is non-zero */ - uint32 rid; - uint32 rid_idx; /* don't know what this is */ + uint8 type; /* value is SID_NAME_USE enum */ + uint32 rid; + uint32 rid_idx; /* referenced domain index */ } DOM_RID2; /* DOM_RID3 - domain RID structure for samr pipe */ typedef struct domrid3_info { - uint32 rid; /* domain-relative (to a SID) id */ - uint32 type1; /* value is 0x1 */ - uint32 ptr_type; /* undocumented pointer */ - uint32 type2; /* value is 0x1 */ + uint32 rid; /* domain-relative (to a SID) id */ + uint32 type1; /* value is 0x1 */ + uint32 ptr_type; /* undocumented pointer */ + uint32 type2; /* value is 0x1 */ } DOM_RID3; /* DOM_RID4 - rid + user attributes */ typedef struct domrid4_info { - uint32 unknown; - uint16 attr; - uint32 rid; /* user RID */ + uint32 unknown; + uint16 attr; + uint32 rid; /* user RID */ } DOM_RID4; diff --git a/source3/lsarpcd/srv_lsa.c b/source3/lsarpcd/srv_lsa.c index 8c9db172d2..abbe4ccd93 100644 --- a/source3/lsarpcd/srv_lsa.c +++ b/source3/lsarpcd/srv_lsa.c @@ -195,9 +195,9 @@ static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid) } /*************************************************************************** -make_reply_lookup_rids +make_reply_lookup_names ***************************************************************************/ -static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l, +static void make_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l, int num_entries, DOM_SID dom_sids [MAX_LOOKUP_SIDS], uint8 dom_types[MAX_LOOKUP_SIDS]) @@ -338,24 +338,24 @@ static void lsa_reply_lookup_sids(prs_struct *rdata, } /*************************************************************************** -lsa_reply_lookup_rids +lsa_reply_lookup_names ***************************************************************************/ -static void lsa_reply_lookup_rids(prs_struct *rdata, +static void lsa_reply_lookup_names(prs_struct *rdata, int num_entries, DOM_SID dom_sids [MAX_LOOKUP_SIDS], uint8 dom_types[MAX_LOOKUP_SIDS]) { - LSA_R_LOOKUP_RIDS r_l; + LSA_R_LOOKUP_NAMES r_l; ZERO_STRUCT(r_l); /* set up the LSA Lookup RIDs response */ - make_reply_lookup_rids(&r_l, num_entries, dom_sids, dom_types); + make_reply_lookup_names(&r_l, num_entries, dom_sids, dom_types); r_l.status = 0x0; /* store the response in the SMB stream */ - lsa_io_r_lookup_rids("", &r_l, rdata, 0); + lsa_io_r_lookup_names("", &r_l, rdata, 0); } /*************************************************************************** @@ -478,7 +478,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data, prs_struct *rdata ) { int i; - LSA_Q_LOOKUP_RIDS q_l; + LSA_Q_LOOKUP_NAMES q_l; DOM_SID dom_sids [MAX_LOOKUP_SIDS]; uint8 dom_types[MAX_LOOKUP_SIDS]; @@ -486,15 +486,15 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data, ZERO_ARRAY(dom_sids); /* grab the info class and policy handle */ - lsa_io_q_lookup_rids("", &q_l, data, 0); + lsa_io_q_lookup_names("", &q_l, data, 0); - SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries); + SMB_ASSERT_ARRAY(q_l.uni_name, q_l.num_entries); /* convert received RIDs to strings, so we can do them. */ for (i = 0; i < q_l.num_entries; i++) { fstring name; - fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer)); + fstrcpy(name, unistr2_to_str(&q_l.uni_name[i])); if (!lookup_name(name, &dom_sids[i], &dom_types[i])) { @@ -503,7 +503,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data, } /* construct reply. return status is always 0x0 */ - lsa_reply_lookup_rids(rdata, + lsa_reply_lookup_names(rdata, q_l.num_entries, dom_sids, /* text-converted SIDs */ dom_types); /* SID_NAME_USE types */ diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index a7635308b7..ca5dd8b585 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -111,7 +111,8 @@ struct smb_passwd *iterate_getsmbpwuid(uid_t smb_userid) } while ((pwd = getsmbpwent(fp)) != NULL && pwd->smb_userid != smb_userid) - ; + { + } if (pwd != NULL) { @@ -144,7 +145,8 @@ struct smb_passwd *iterate_getsmbpwnam(char *name) } while ((pwd = getsmbpwent(fp)) != NULL && !strequal(pwd->smb_name, name)) - ; + { + } if (pwd != NULL) { @@ -349,7 +351,8 @@ struct sam_passwd *iterate_getsam21pwuid(uid_t uid) } while ((pwd = getsam21pwent(fp)) != NULL && pwd->smb_userid != uid) - ; + { + } if (pwd != NULL) { @@ -514,30 +517,33 @@ struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user) char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length) { - static fstring acct_str; - size_t i = 0; + static fstring acct_str; + size_t i = 0; - acct_str[i++] = '['; + acct_str[i++] = '['; - if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N'; - if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D'; - if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H'; - if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T'; - if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U'; - if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M'; - if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W'; - if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S'; - if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L'; - if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X'; - if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I'; + if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N'; + if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D'; + if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H'; + if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T'; + if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U'; + if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M'; + if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W'; + if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S'; + if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L'; + if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X'; + if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I'; - for ( ; i < length - 2 ; i++ ) { acct_str[i] = ' '; } + for ( ; i < length - 2 ; i++ ) + { + acct_str[i] = ' '; + } - i = length - 2; - acct_str[i++] = ']'; - acct_str[i++] = '\0'; + i = length - 2; + acct_str[i++] = ']'; + acct_str[i++] = '\0'; - return acct_str; + return acct_str; } /********************************************************** @@ -575,7 +581,7 @@ uint16 pwdb_decode_acct_ctrl(const char *p) case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ } case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ } case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ } - case ' ': { break; } + case ' ': { break; } case ':': case '\n': case '\0': diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index a43b65ad64..48dd90ffa9 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -98,6 +98,119 @@ BOOL do_lsa_open_policy(struct cli_state *cli, return valid_pol; } +/**************************************************************************** +do a LSA Lookup Names +****************************************************************************/ +BOOL do_lsa_lookup_names(struct cli_state *cli, + POLICY_HND *hnd, + int num_names, + char **names, + DOM_SID **sids, + int *num_sids) +{ + prs_struct rbuf; + prs_struct buf; + LSA_Q_LOOKUP_NAMES q_l; + BOOL valid_response = False; + + if (hnd == NULL || num_sids == 0 || sids == NULL) return False; + + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); + + /* create and send a MSRPC command with api LSA_LOOKUP_NAMES */ + + DEBUG(4,("LSA Lookup NAMEs\n")); + + /* store the parameters */ + make_q_lookup_names(&q_l, hnd, num_names, names); + + /* turn parameters into data stream */ + lsa_io_q_lookup_names("", &q_l, &buf, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, LSA_LOOKUPNAMES, &buf, &rbuf)) + { + LSA_R_LOOKUP_NAMES r_l; + DOM_R_REF ref; + DOM_RID2 t_rids[MAX_LOOKUP_SIDS]; + BOOL p; + + ZERO_STRUCT(ref); + ZERO_STRUCT(t_rids); + + r_l.dom_ref = &ref; + r_l.dom_rid = t_rids; + + lsa_io_r_lookup_names("", &r_l, &rbuf, 0); + p = rbuf.offset != 0; + + if (p && r_l.status != 0) + { + /* report error code */ + DEBUG(0,("LSA_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_l.status))); + p = False; + } + + if (p) + { + if (r_l.undoc_buffer != 0 && ref.undoc_buffer != 0) + { + valid_response = True; + } + } + + if (num_sids != NULL && valid_response) + { + (*num_sids) = r_l.num_entries; + } + if (valid_response) + { + int i; + for (i = 0; i < r_l.num_entries; i++) + { + if (t_rids[i].rid_idx >= ref.num_ref_doms_1 && + t_rids[i].rid_idx != 0xffffffff) + { + DEBUG(0,("LSA_LOOKUP_NAMES: domain index %d out of bounds\n", + t_rids[i].rid_idx)); + valid_response = False; + break; + } + } + } + + if (sids != NULL && valid_response && r_l.num_entries != 0) + { + (*sids) = (DOM_SID*)malloc((*num_sids) * sizeof(DOM_SID)); + } + + if (sids != NULL && (*sids) != NULL) + { + int i; + /* take each name, construct a SID */ + for (i = 0; i < (*num_sids); i++) + { + uint32 dom_idx = t_rids[i].rid_idx; + DOM_SID *sid = &(*sids)[i]; + if (dom_idx != 0xffffffff) + { + sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid); + } + else + { + ZERO_STRUCTP(sid); + } + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_response; +} + /**************************************************************************** do a LSA Lookup SIDs ****************************************************************************/ @@ -190,13 +303,21 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli, fstring dom_name; fstring full_name; uint32 dom_idx = t_names.name[i].domain_idx; - fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer)); - fstrcpy(name , unistr2(t_names.uni_name[i].buffer)); - - slprintf(full_name, sizeof(full_name), "\\%s\\%s", - dom_name, name); - (*names)[i] = strdup(full_name); + if (dom_idx != 0xffffffff) + { + fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer)); + fstrcpy(name , unistr2(t_names.uni_name[i].buffer)); + + slprintf(full_name, sizeof(full_name), "\\%s\\%s", + dom_name, name); + + (*names)[i] = strdup(full_name); + } + else + { + (*names)[i] = NULL; + } } } } diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 818e7a0baf..5adff5256d 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -563,7 +563,7 @@ static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, } /******************************************************************* -makes an LSA_R_ENUM_TRUST_DOM structure. +makes a structure. ********************************************************************/ void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, int num_sids, DOM_SID **sids, @@ -571,7 +571,7 @@ void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, { if (q_l == NULL) return; - DEBUG(5,("make_r_enum_trust_dom\n")); + DEBUG(5,("make_q_lookup_sids\n")); memcpy(&(q_l->pol), hnd, sizeof(q_l->pol)); make_lsa_sid_enum(&(q_l->sids), num_sids, sids); @@ -667,16 +667,47 @@ void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, i prs_uint32("status ", ps, depth, &(r_s->status)); } +/******************************************************************* +makes a structure. +********************************************************************/ +void make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd, + int num_names, char **names) +{ + int i; + if (q_l == NULL) return; + + DEBUG(5,("make_q_lookup_names\n")); + + memcpy(&(q_l->pol), hnd, sizeof(q_l->pol)); + + SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries); + + q_l->num_entries = num_names; + q_l->num_entries2 = num_names; + + for (i = 0; i < num_names; i++) + { + int len = strlen(names[i]); + make_uni_hdr(&q_l->hdr_name[i], len, len, len != 0); + make_unistr2(&q_l->uni_name[i], names[i], len); + } + + q_l->num_trans_entries = 0; + q_l->ptr_trans_sids = 0; + q_l->lookup_level = 1; + q_l->mapped_count = 0; +} + /******************************************************************* reads or writes a structure. ********************************************************************/ -void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth) +void lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth) { int i; if (q_r == NULL) return; - prs_debug(ps, depth, desc, "lsa_io_q_lookup_rids"); + prs_debug(ps, depth, desc, "lsa_io_q_lookup_names"); depth++; prs_align(ps); @@ -685,47 +716,52 @@ void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i prs_uint32("num_entries ", ps, depth, &(q_r->num_entries)); prs_uint32("num_entries2 ", ps, depth, &(q_r->num_entries2)); - prs_uint32("buffer_dom_sid ", ps, depth, &(q_r->buffer_dom_sid)); /* undocumented domain SID buffer pointer */ - prs_uint32("buffer_dom_name", ps, depth, &(q_r->buffer_dom_name)); /* undocumented domain name buffer pointer */ - SMB_ASSERT_ARRAY(q_r->lookup_name, q_r->num_entries); + SMB_ASSERT_ARRAY(q_r->uni_name, q_r->num_entries); for (i = 0; i < q_r->num_entries; i++) { - smb_io_unistr3("dom_name", &(q_r->lookup_name[i]), ps, depth); /* names to be looked up */ + smb_io_unihdr("hdr_name", &(q_r->hdr_name[i]), ps, depth); /* pointer names */ } - prs_uint8s (False, "undoc ", ps, depth, q_r->undoc, UNKNOWN_LEN); + for (i = 0; i < q_r->num_entries; i++) + { + smb_io_unistr2("dom_name", &(q_r->uni_name[i]), q_r->hdr_name[i].buffer, ps, depth); /* names to be looked up */ + prs_align(ps); + } + + prs_uint32("num_trans_entries ", ps, depth, &(q_r->num_trans_entries)); + prs_uint32("ptr_trans_sids ", ps, depth, &(q_r->ptr_trans_sids)); + prs_uint32("lookup_level ", ps, depth, &(q_r->lookup_level )); + prs_uint32("mapped_count ", ps, depth, &(q_r->mapped_count )); } /******************************************************************* reads or writes a structure. ********************************************************************/ -void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, int depth) +void lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth) { int i; if (r_r == NULL) return; - prs_debug(ps, depth, desc, "lsa_io_r_lookup_rids"); + prs_debug(ps, depth, desc, "lsa_io_r_lookup_names"); depth++; prs_align(ps); - lsa_io_dom_r_ref("", &(r_r->dom_ref), ps, depth); /* domain reference info */ + lsa_io_dom_r_ref("", r_r->dom_ref, ps, depth); /* domain reference info */ prs_uint32("num_entries ", ps, depth, &(r_r->num_entries)); prs_uint32("undoc_buffer", ps, depth, &(r_r->undoc_buffer)); prs_uint32("num_entries2", ps, depth, &(r_r->num_entries2)); - SMB_ASSERT_ARRAY(r_r->dom_rid, r_r->num_entries2); - for (i = 0; i < r_r->num_entries2; i++) { smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */ } - prs_uint32("num_entries3", ps, depth, &(r_r->num_entries3)); + prs_uint32("mapped_count", ps, depth, &(r_r->mapped_count)); prs_uint32("status ", ps, depth, &(r_r->status)); } diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 97d4f3d563..ad268f60a4 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -674,7 +674,6 @@ creates a DOM_RID2 structure. void make_dom_rid2(DOM_RID2 *rid2, uint32 rid, uint8 type) { rid2->type = type; - rid2->undoc = 0x5; rid2->rid = rid; rid2->rid_idx = 0; } @@ -691,14 +690,8 @@ void smb_io_dom_rid2(char *desc, DOM_RID2 *rid2, prs_struct *ps, int depth) prs_align(ps); - /* should be value 5, so enforce it */ - rid2->type = 5; - - /* should be value 5, so enforce it */ - rid2->undoc = 5; - - prs_uint32("type ", ps, depth, &(rid2->type)); - prs_uint32("undoc ", ps, depth, &(rid2->undoc )); + prs_uint8("type ", ps, depth, &(rid2->type)); + prs_align(ps); prs_uint32("rid ", ps, depth, &(rid2->rid )); prs_uint32("rid_idx", ps, depth, &(rid2->rid_idx )); } diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index 8c9db172d2..abbe4ccd93 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -195,9 +195,9 @@ static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid) } /*************************************************************************** -make_reply_lookup_rids +make_reply_lookup_names ***************************************************************************/ -static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l, +static void make_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l, int num_entries, DOM_SID dom_sids [MAX_LOOKUP_SIDS], uint8 dom_types[MAX_LOOKUP_SIDS]) @@ -338,24 +338,24 @@ static void lsa_reply_lookup_sids(prs_struct *rdata, } /*************************************************************************** -lsa_reply_lookup_rids +lsa_reply_lookup_names ***************************************************************************/ -static void lsa_reply_lookup_rids(prs_struct *rdata, +static void lsa_reply_lookup_names(prs_struct *rdata, int num_entries, DOM_SID dom_sids [MAX_LOOKUP_SIDS], uint8 dom_types[MAX_LOOKUP_SIDS]) { - LSA_R_LOOKUP_RIDS r_l; + LSA_R_LOOKUP_NAMES r_l; ZERO_STRUCT(r_l); /* set up the LSA Lookup RIDs response */ - make_reply_lookup_rids(&r_l, num_entries, dom_sids, dom_types); + make_reply_lookup_names(&r_l, num_entries, dom_sids, dom_types); r_l.status = 0x0; /* store the response in the SMB stream */ - lsa_io_r_lookup_rids("", &r_l, rdata, 0); + lsa_io_r_lookup_names("", &r_l, rdata, 0); } /*************************************************************************** @@ -478,7 +478,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data, prs_struct *rdata ) { int i; - LSA_Q_LOOKUP_RIDS q_l; + LSA_Q_LOOKUP_NAMES q_l; DOM_SID dom_sids [MAX_LOOKUP_SIDS]; uint8 dom_types[MAX_LOOKUP_SIDS]; @@ -486,15 +486,15 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data, ZERO_ARRAY(dom_sids); /* grab the info class and policy handle */ - lsa_io_q_lookup_rids("", &q_l, data, 0); + lsa_io_q_lookup_names("", &q_l, data, 0); - SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries); + SMB_ASSERT_ARRAY(q_l.uni_name, q_l.num_entries); /* convert received RIDs to strings, so we can do them. */ for (i = 0; i < q_l.num_entries; i++) { fstring name; - fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer)); + fstrcpy(name, unistr2_to_str(&q_l.uni_name[i])); if (!lookup_name(name, &dom_sids[i], &dom_types[i])) { @@ -503,7 +503,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data, } /* construct reply. return status is always 0x0 */ - lsa_reply_lookup_rids(rdata, + lsa_reply_lookup_names(rdata, q_l.num_entries, dom_sids, /* text-converted SIDs */ dom_types); /* SID_NAME_USE types */ diff --git a/source3/rpc_server/srv_sid.c b/source3/rpc_server/srv_sid.c index 216fab657f..0317bb32f5 100644 --- a/source3/rpc_server/srv_sid.c +++ b/source3/rpc_server/srv_sid.c @@ -432,10 +432,6 @@ Error was %s\n", sid_file, strerror(errno) )); ***************************************************************************/ BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain) { - fstring sid_str; - sid_to_string(sid_str, sid); - DEBUG(5,("map_domain_name_to_sid: %s\n", sid_str)); - if (nt_domain == NULL) { *sid = global_sam_sid; @@ -451,6 +447,16 @@ BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain) return True; } + if ((*nt_domain)[0] == 0) + { + DEBUG(5,("map_domain_name_to_sid: overriding blank name to %s\n", + global_sam_name)); + free(*nt_domain); + (*nt_domain) = strdup(global_sam_name); + *sid = global_sam_sid; + return True; + } + if (strequal((*nt_domain), global_sam_name)) { *sid = global_sam_sid; diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index a23e7a650b..4a907fa344 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -121,7 +121,97 @@ void cmd_lsa_query_info(struct client_info *info) } /**************************************************************************** -nt lsa query +lookup names +****************************************************************************/ +void cmd_lsa_lookup_names(struct client_info *info) +{ + fstring temp; + int i; + fstring srv_name; + int num_names = 0; + char *names[10]; + DOM_SID *sids; + int num_sids = 0; +#if 0 + DOM_SID sid[10]; + DOM_SID *sids[10]; +#endif + BOOL res = True; + + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, info->myhostname); + strupper(srv_name); + + DEBUG(4,("cmd_lsa_lookup_names: server: %s\n", srv_name)); + + while (num_names < 10 && next_token(NULL, temp, NULL, sizeof(temp))) + { + names[num_names] = strdup(temp); + num_names++; + } + + if (num_names == 0) + { + fprintf(out_hnd, "lookupnames [ ...]\n"); + return; + } + + /* open LSARPC session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False; + + /* lookup domain controller; receive a policy handle */ + res = res ? do_lsa_open_policy(smb_cli, + srv_name, + &info->dom.lsa_info_pol, True) : False; + + /* send lsa lookup sids call */ + res = res ? do_lsa_lookup_names(smb_cli, + &info->dom.lsa_info_pol, + num_names, names, + &sids, &num_sids) : False; + + res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); + + if (res) + { + DEBUG(5,("cmd_lsa_lookup_names: query succeeded\n")); + } + else + { + DEBUG(5,("cmd_lsa_lookup_names: query failed\n")); + } + + if (sids != NULL) + { + fprintf(out_hnd,"Lookup Names:\n"); + for (i = 0; i < num_sids; i++) + { + sid_to_string(temp, &sids[i]); + fprintf(out_hnd, "SID: %s -> %s\n", names[i], temp); +#if 0 + if (sids[i] != NULL) + { + free(sids[i]); + } +#endif + } + free(sids); + } + + for (i = 0; i < num_names; i++) + { + if (names[i] != NULL) + { + free(names[i]); + } + } +} + +/**************************************************************************** +lookup sids ****************************************************************************/ void cmd_lsa_lookup_sids(struct client_info *info) { diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 80d66a3af4..220c81d61e 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -122,6 +122,7 @@ struct {"srvfiles", cmd_srv_enum_files, "List files on a server"}, {"lsaquery", cmd_lsa_query_info, "Query Info Policy (domain member or server)"}, {"lookupsids", cmd_lsa_lookup_sids, "Resolve names from SIDs"}, + {"lookupnames",cmd_lsa_lookup_names, "Resolve SIDs from names"}, {"enumusers", cmd_sam_enum_users, "SAM User Database Query (experimental!)"}, {"ntpass", cmd_sam_ntchange_pwd, "NT SAM Password Change"}, {"samuser", cmd_sam_query_user, " SAM User Query (experimental!)"}, diff --git a/source3/smbd/groupname.c b/source3/smbd/groupname.c index 3c09c11830..95992cc84b 100644 --- a/source3/smbd/groupname.c +++ b/source3/smbd/groupname.c @@ -207,16 +207,9 @@ failed. Error was %s.\n", grp->unix_name, strerror(errno) )); grp->nt_domain)); return False; } - - DEBUG(0,("unix_name_to_group_info: cannot resolve domain %s\n", - grp->nt_domain)); - - return False; - } - else - { - return make_mydomain_sid(grp, type); } + + return make_mydomain_sid(grp, type); } static BOOL make_name_entry(name_map_entry **new_ep, @@ -301,8 +294,6 @@ static void load_name_map(GROUP_TYPE type) map_list = &aliasname_map_list; } - DEBUG(10,("load_name_map : %s\n", map_file)); - if (!(*initialised)) { ubi_slInitList(map_list); -- cgit