From b76657f8d9fea54430b048e61ed7c8c78eb582e5 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 14 Jan 2011 16:11:19 +0100 Subject: s3-libnetapi: prefer dcerpc_samr_X functions in lib/netapi/localgroup.c. Guenther --- source3/lib/netapi/localgroup.c | 201 ++++++++++++++++++++++++++++++---------- 1 file changed, 151 insertions(+), 50 deletions(-) (limited to 'source3/lib') diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c index b2d08b7a59..7955ce5e02 100644 --- a/source3/lib/netapi/localgroup.c +++ b/source3/lib/netapi/localgroup.c @@ -23,7 +23,7 @@ #include "lib/netapi/netapi.h" #include "lib/netapi/netapi_private.h" #include "lib/netapi/libnetapi.h" -#include "../librpc/gen_ndr/cli_samr.h" +#include "../librpc/gen_ndr/ndr_samr_c.h" #include "../librpc/gen_ndr/cli_lsa.h" #include "rpc_client/cli_lsarpc.h" #include "rpc_client/init_lsa.h" @@ -36,22 +36,27 @@ static NTSTATUS libnetapi_samr_lookup_and_open_alias(TALLOC_CTX *mem_ctx, uint32_t access_rights, struct policy_handle *alias_handle) { - NTSTATUS status; + NTSTATUS status, result; struct lsa_String lsa_account_name; struct samr_Ids user_rids, name_types; + struct dcerpc_binding_handle *b = pipe_cli->binding_handle; init_lsa_String(&lsa_account_name, group_name); - status = rpccli_samr_LookupNames(pipe_cli, mem_ctx, + status = dcerpc_samr_LookupNames(b, mem_ctx, domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { return status; } + if (!NT_STATUS_IS_OK(result)) { + return result; + } switch (name_types.ids[0]) { case SID_NAME_ALIAS: @@ -61,11 +66,17 @@ static NTSTATUS libnetapi_samr_lookup_and_open_alias(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_SID; } - return rpccli_samr_OpenAlias(pipe_cli, mem_ctx, - domain_handle, - access_rights, - user_rids.ids[0], - alias_handle); + status = dcerpc_samr_OpenAlias(b, mem_ctx, + domain_handle, + access_rights, + user_rids.ids[0], + alias_handle, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return result; } /**************************************************************** @@ -79,34 +90,45 @@ static NTSTATUS libnetapi_samr_open_alias_queryinfo(TALLOC_CTX *mem_ctx, enum samr_AliasInfoEnum level, union samr_AliasInfo **alias_info) { - NTSTATUS status; + NTSTATUS status, result; struct policy_handle alias_handle; union samr_AliasInfo *_alias_info = NULL; + struct dcerpc_binding_handle *b = pipe_cli->binding_handle; ZERO_STRUCT(alias_handle); - status = rpccli_samr_OpenAlias(pipe_cli, mem_ctx, + status = dcerpc_samr_OpenAlias(b, mem_ctx, handle, access_rights, rid, - &alias_handle); + &alias_handle, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } - status = rpccli_samr_QueryAliasInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryAliasInfo(b, mem_ctx, &alias_handle, level, - &_alias_info); + &_alias_info, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } *alias_info = _alias_info; done: if (is_valid_policy_hnd(&alias_handle)) { - rpccli_samr_Close(pipe_cli, mem_ctx, &alias_handle); + dcerpc_samr_Close(b, mem_ctx, &alias_handle, &result); } return status; @@ -119,12 +141,13 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, struct NetLocalGroupAdd *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct lsa_String lsa_account_name; struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; struct dom_sid2 *domain_sid = NULL; uint32_t rid; + struct dcerpc_binding_handle *b = NULL; struct LOCALGROUP_INFO_0 *info0 = NULL; struct LOCALGROUP_INFO_1 *info1 = NULL; @@ -161,6 +184,8 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, @@ -199,17 +224,23 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, alias_name); - status = rpccli_samr_CreateDomAlias(pipe_cli, talloc_tos(), + status = dcerpc_samr_CreateDomAlias(b, talloc_tos(), &domain_handle, &lsa_account_name, SEC_STD_DELETE | SAMR_ALIAS_ACCESS_SET_INFO, &alias_handle, - &rid); + &rid, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } + if (r->in.level == 1 && info1->lgrpi1_comment) { @@ -217,21 +248,26 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, init_lsa_String(&alias_info.description, info1->lgrpi1_comment); - status = rpccli_samr_SetAliasInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_SetAliasInfo(b, talloc_tos(), &alias_handle, ALIASINFODESCRIPTION, - &alias_info); + &alias_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } } werr = WERR_OK; done: if (is_valid_policy_hnd(&alias_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &alias_handle); + dcerpc_samr_Close(b, talloc_tos(), &alias_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -260,10 +296,11 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, struct NetLocalGroupDel *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; struct dom_sid2 *domain_sid = NULL; + struct dcerpc_binding_handle *b = NULL; if (!r->in.group_name) { return WERR_INVALID_PARAM; @@ -281,6 +318,8 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, @@ -334,12 +373,17 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, delete_alias: - status = rpccli_samr_DeleteDomAlias(pipe_cli, talloc_tos(), - &alias_handle); + status = dcerpc_samr_DeleteDomAlias(b, talloc_tos(), + &alias_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } ZERO_STRUCT(alias_handle); @@ -347,7 +391,7 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&alias_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &alias_handle); + dcerpc_samr_Close(b, talloc_tos(), &alias_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -421,12 +465,13 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, struct NetLocalGroupGetInfo *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; struct dom_sid2 *domain_sid = NULL; union samr_AliasInfo *alias_info = NULL; uint32_t entries_read = 0; + struct dcerpc_binding_handle *b = NULL; if (!r->in.group_name) { return WERR_INVALID_PARAM; @@ -453,6 +498,8 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, @@ -505,14 +552,19 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, } query_alias: - status = rpccli_samr_QueryAliasInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_QueryAliasInfo(b, talloc_tos(), &alias_handle, ALIASINFOALL, - &alias_info); + &alias_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } werr = map_alias_info_to_buffer(ctx, r->in.group_name, @@ -522,7 +574,7 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&alias_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &alias_handle); + dcerpc_samr_Close(b, talloc_tos(), &alias_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -591,13 +643,14 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, struct NetLocalGroupSetInfo *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct lsa_String lsa_account_name; struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; struct dom_sid2 *domain_sid = NULL; enum samr_AliasInfoEnum alias_level = 0; union samr_AliasInfo *alias_info = NULL; + struct dcerpc_binding_handle *b = NULL; if (!r->in.group_name) { return WERR_INVALID_PARAM; @@ -624,6 +677,8 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, @@ -683,20 +738,25 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_SetAliasInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_SetAliasInfo(b, talloc_tos(), &alias_handle, alias_level, - alias_info); + alias_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } werr = WERR_OK; done: if (is_valid_policy_hnd(&alias_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &alias_handle); + dcerpc_samr_Close(b, talloc_tos(), &alias_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -724,7 +784,7 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, struct NetLocalGroupEnum *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; struct dom_sid2 *domain_sid = NULL; @@ -734,6 +794,7 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, struct samr_SamArray *domain_sam_array = NULL; struct samr_SamArray *builtin_sam_array = NULL; int i; + struct dcerpc_binding_handle *b = NULL; if (!r->out.buffer) { return WERR_INVALID_PARAM; @@ -766,6 +827,8 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, @@ -791,42 +854,57 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryDomainInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_QueryDomainInfo(b, talloc_tos(), &builtin_handle, 2, - &builtin_info); + &builtin_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } if (r->out.total_entries) { *r->out.total_entries += builtin_info->general.num_aliases; } - status = rpccli_samr_QueryDomainInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_QueryDomainInfo(b, talloc_tos(), &domain_handle, 2, - &domain_info); + &domain_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } if (r->out.total_entries) { *r->out.total_entries += domain_info->general.num_aliases; } - status = rpccli_samr_EnumDomainAliases(pipe_cli, talloc_tos(), + status = dcerpc_samr_EnumDomainAliases(b, talloc_tos(), &builtin_handle, r->in.resume_handle, &builtin_sam_array, r->in.prefmaxlen, - &entries_read); + &entries_read, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } for (i=0; icount; i++) { union samr_AliasInfo *alias_info = NULL; @@ -853,16 +931,21 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, r->out.buffer); } - status = rpccli_samr_EnumDomainAliases(pipe_cli, talloc_tos(), + status = dcerpc_samr_EnumDomainAliases(b, talloc_tos(), &domain_handle, r->in.resume_handle, &domain_sam_array, r->in.prefmaxlen, - &entries_read); + &entries_read, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } for (i=0; icount; i++) { @@ -974,7 +1057,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; struct rpc_pipe_client *lsa_pipe = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct lsa_String lsa_account_name; struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; @@ -989,6 +1072,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, struct dom_sid *del_sids = NULL; uint32_t num_add_sids = 0; uint32_t num_del_sids = 0; + struct dcerpc_binding_handle *b = NULL; if ((!add && !del && !set) || (add && del && set)) { return WERR_INVALID_PARAM; @@ -1072,6 +1156,8 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, @@ -1159,13 +1245,18 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, struct lsa_SidArray current_sids; - status = rpccli_samr_GetMembersInAlias(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetMembersInAlias(b, talloc_tos(), &alias_handle, - ¤t_sids); + ¤t_sids, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } /* add list */ @@ -1215,32 +1306,42 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, /* add list */ for (i=0; i < num_add_sids; i++) { - status = rpccli_samr_AddAliasMember(pipe_cli, talloc_tos(), + status = dcerpc_samr_AddAliasMember(b, talloc_tos(), &alias_handle, - &add_sids[i]); + &add_sids[i], + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } } /* del list */ for (i=0; i < num_del_sids; i++) { - status = rpccli_samr_DeleteAliasMember(pipe_cli, talloc_tos(), + status = dcerpc_samr_DeleteAliasMember(b, talloc_tos(), &alias_handle, - &del_sids[i]); + &del_sids[i], + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } } werr = WERR_OK; done: if (is_valid_policy_hnd(&alias_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &alias_handle); + dcerpc_samr_Close(b, talloc_tos(), &alias_handle, &result); } if (ctx->disable_policy_handle_cache) { -- cgit