From ccdcbc2efe86cde991a1cafdb2b098db41b163fd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 16 Jun 2008 12:09:08 +0200 Subject: net_vampire: move some samsync functions to libnet. Guenther (This used to be commit b3b6af0a3e25fab0a14c9c802dbabd3d03448ebe) --- source3/libnet/libnet.h | 1 + source3/libnet/libnet_proto.h | 9 ++- source3/libnet/libnet_samsync.c | 164 ++++++++++++++++++++++++++++++++++++++++ source3/libnet/libnet_samsync.h | 68 +++++++++++++++++ source3/utils/net.h | 43 ----------- source3/utils/net_rpc_samsync.c | 161 --------------------------------------- 6 files changed, 241 insertions(+), 205 deletions(-) create mode 100644 source3/libnet/libnet_samsync.h (limited to 'source3') diff --git a/source3/libnet/libnet.h b/source3/libnet/libnet.h index 6768b948d6..2b5e60bf14 100644 --- a/source3/libnet/libnet.h +++ b/source3/libnet/libnet.h @@ -20,6 +20,7 @@ #ifndef __LIBNET_H__ #define __LIBNET_H__ +#include "libnet/libnet_samsync.h" #include "librpc/gen_ndr/libnet_join.h" #include "libnet/libnet_proto.h" diff --git a/source3/libnet/libnet_proto.h b/source3/libnet/libnet_proto.h index 52382e91a5..eeb4a72644 100644 --- a/source3/libnet/libnet_proto.h +++ b/source3/libnet/libnet_proto.h @@ -50,5 +50,12 @@ NTSTATUS samsync_fix_delta_array(TALLOC_CTX *mem_ctx, bool rid_crypt, enum netr_SamDatabaseID database_id, struct netr_DELTA_ENUM_ARRAY *r); - +NTSTATUS samsync_init_context(TALLOC_CTX *mem_ctx, + const struct dom_sid *domain_sid, + enum net_samsync_mode mode, + struct samsync_context **ctx_p); +NTSTATUS samsync_process_database(struct rpc_pipe_client *pipe_hnd, + enum netr_SamDatabaseID database_id, + samsync_fn_t callback_fn, + struct samsync_context *ctx); #endif /* _LIBNET_PROTO_H_ */ diff --git a/source3/libnet/libnet_samsync.c b/source3/libnet/libnet_samsync.c index e45a84568c..d6331fd08c 100644 --- a/source3/libnet/libnet_samsync.c +++ b/source3/libnet/libnet_samsync.c @@ -22,6 +22,7 @@ #include "includes.h" +#include "libnet/libnet_samsync.h" /** * Decrypt and extract the user's passwords. @@ -186,3 +187,166 @@ NTSTATUS samsync_fix_delta_array(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } + +/** + * samsync_init_context + */ + +NTSTATUS samsync_init_context(TALLOC_CTX *mem_ctx, + const struct dom_sid *domain_sid, + enum net_samsync_mode mode, + struct samsync_context **ctx_p) +{ + struct samsync_context *ctx; + + *ctx_p = NULL; + + ctx = TALLOC_ZERO_P(mem_ctx, struct samsync_context); + NT_STATUS_HAVE_NO_MEMORY(ctx); + + ctx->mode = mode; + + if (domain_sid) { + ctx->domain_sid = sid_dup_talloc(mem_ctx, domain_sid); + NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid); + + ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid); + NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid_str); + } + + *ctx_p = ctx; + + return NT_STATUS_OK; +} + +/** + * samsync_debug_str + */ + +static const char *samsync_debug_str(TALLOC_CTX *mem_ctx, + enum net_samsync_mode mode, + enum netr_SamDatabaseID database_id) +{ + const char *action = NULL; + const char *str = NULL; + + switch (mode) { + case NET_SAMSYNC_MODE_DUMP: + action = "Dumping (to stdout)"; + break; + case NET_SAMSYNC_MODE_FETCH_PASSDB: + action = "Fetching (to passdb)"; + break; + case NET_SAMSYNC_MODE_FETCH_LDIF: + action = "Fetching (to ldif)"; + break; + default: + action = "Unknown"; + break; + } + + switch (database_id) { + case SAM_DATABASE_DOMAIN: + str = talloc_asprintf(mem_ctx, "%s DOMAIN database", + action); + break; + case SAM_DATABASE_BUILTIN: + str = talloc_asprintf(mem_ctx, "%s BUILTIN database", + action); + break; + case SAM_DATABASE_PRIVS: + str = talloc_asprintf(mem_ctx, "%s PRIVS database", + action); + break; + default: + str = talloc_asprintf(mem_ctx, "%s unknown database type %u", + action, database_id); + break; + } + + return str; +} + +/** + * samsync_process_database + */ + +NTSTATUS samsync_process_database(struct rpc_pipe_client *pipe_hnd, + enum netr_SamDatabaseID database_id, + samsync_fn_t callback_fn, + struct samsync_context *ctx) +{ + NTSTATUS result; + TALLOC_CTX *mem_ctx; + const char *logon_server = pipe_hnd->desthost; + const char *computername = global_myname(); + struct netr_Authenticator credential; + struct netr_Authenticator return_authenticator; + uint16_t restart_state = 0; + uint32_t sync_context = 0; + const char *debug_str; + DATA_BLOB session_key; + + ZERO_STRUCT(return_authenticator); + + if (!(mem_ctx = talloc_init("samsync_process_database"))) { + return NT_STATUS_NO_MEMORY; + } + + debug_str = samsync_debug_str(mem_ctx, ctx->mode, database_id); + if (debug_str) { + d_fprintf(stderr, "%s\n", debug_str); + } + + do { + struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; + + netlogon_creds_client_step(pipe_hnd->dc, &credential); + + result = rpccli_netr_DatabaseSync2(pipe_hnd, mem_ctx, + logon_server, + computername, + &credential, + &return_authenticator, + database_id, + restart_state, + &sync_context, + &delta_enum_array, + 0xffff); + if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) { + return result; + } + + /* Check returned credentials. */ + if (!netlogon_creds_client_check(pipe_hnd->dc, + &return_authenticator.cred)) { + DEBUG(0,("credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + + if (NT_STATUS_IS_ERR(result)) { + break; + } + + session_key = data_blob_const(pipe_hnd->dc->sess_key, 16); + + samsync_fix_delta_array(mem_ctx, + &session_key, + true, + database_id, + delta_enum_array); + + /* Process results */ + callback_fn(mem_ctx, database_id, delta_enum_array, result, ctx); + + TALLOC_FREE(delta_enum_array); + + /* Increment sync_context */ + sync_context += 1; + + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + + talloc_destroy(mem_ctx); + + return result; +} diff --git a/source3/libnet/libnet_samsync.h b/source3/libnet/libnet_samsync.h new file mode 100644 index 0000000000..5898a15ebd --- /dev/null +++ b/source3/libnet/libnet_samsync.h @@ -0,0 +1,68 @@ +/* + * Unix SMB/CIFS implementation. + * libnet Support + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + + +enum net_samsync_mode { + NET_SAMSYNC_MODE_FETCH_PASSDB = 0, + NET_SAMSYNC_MODE_FETCH_LDIF = 1, + NET_SAMSYNC_MODE_DUMP = 2 +}; + +/* Structure for mapping accounts to groups */ +/* Array element is the group rid */ +typedef struct _groupmap { + uint32_t rid; + uint32_t gidNumber; + const char *sambaSID; + const char *group_dn; +} GROUPMAP; + +typedef struct _accountmap { + uint32_t rid; + const char *cn; +} ACCOUNTMAP; + +struct samsync_ldif_context { + GROUPMAP *groupmap; + ACCOUNTMAP *accountmap; + bool initialized; + const char *add_template; + const char *mod_template; + char *add_name; + char *mod_name; + FILE *add_file; + FILE *mod_file; + FILE *ldif_file; + const char *suffix; + int num_alloced; +}; + +struct samsync_context { + enum net_samsync_mode mode; + const struct dom_sid *domain_sid; + const char *domain_sid_str; + const char *ldif_filename; + struct samsync_ldif_context *ldif; +}; + +typedef NTSTATUS (*samsync_fn_t)(TALLOC_CTX *, + enum netr_SamDatabaseID, + struct netr_DELTA_ENUM_ARRAY *, + NTSTATUS, + struct samsync_context *); diff --git a/source3/utils/net.h b/source3/utils/net.h index 627ac0aaa1..aa4f3dbb6d 100644 --- a/source3/utils/net.h +++ b/source3/utils/net.h @@ -145,46 +145,3 @@ enum netdom_domain_t { ND_TYPE_NT4, ND_TYPE_AD }; /* net share operation modes */ #define NET_MODE_SHARE_MIGRATE 1 -/* Structure for mapping accounts to groups */ -/* Array element is the group rid */ -typedef struct _groupmap { - uint32_t rid; - uint32_t gidNumber; - const char *sambaSID; - const char *group_dn; -} GROUPMAP; - -typedef struct _accountmap { - uint32_t rid; - const char *cn; -} ACCOUNTMAP; - -enum net_samsync_mode { - NET_SAMSYNC_MODE_FETCH_PASSDB = 0, - NET_SAMSYNC_MODE_FETCH_LDIF = 1, - NET_SAMSYNC_MODE_DUMP = 2 -}; - -struct samsync_ldif_context { - GROUPMAP *groupmap; - ACCOUNTMAP *accountmap; - bool initialized; - const char *add_template; - const char *mod_template; - char *add_name; - char *mod_name; - FILE *add_file; - FILE *mod_file; - FILE *ldif_file; - const char *suffix; - int num_alloced; -}; - -struct samsync_context { - enum net_samsync_mode mode; - const struct dom_sid *domain_sid; - const char *domain_sid_str; - const char *ldif_filename; - - struct samsync_ldif_context *ldif; -}; diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index 5343a0465b..3f661161cb 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -343,167 +343,6 @@ static NTSTATUS display_sam_entries(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -static NTSTATUS samsync_init_context(TALLOC_CTX *mem_ctx, - const struct dom_sid *domain_sid, - enum net_samsync_mode mode, - struct samsync_context **ctx_p) -{ - struct samsync_context *ctx; - - *ctx_p = NULL; - - ctx = TALLOC_ZERO_P(mem_ctx, struct samsync_context); - NT_STATUS_HAVE_NO_MEMORY(ctx); - - ctx->mode = mode; - - if (domain_sid) { - ctx->domain_sid = sid_dup_talloc(mem_ctx, domain_sid); - NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid); - - ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid); - NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid_str); - } - - *ctx_p = ctx; - - return NT_STATUS_OK; -} - -const char *samsync_debug_str(TALLOC_CTX *mem_ctx, - enum net_samsync_mode mode, - enum netr_SamDatabaseID database_id) -{ - const char *action = NULL; - const char *str = NULL; - - switch (mode) { - case NET_SAMSYNC_MODE_DUMP: - action = "Dumping (to stdout)"; - break; - case NET_SAMSYNC_MODE_FETCH_PASSDB: - action = "Fetching (to passdb)"; - break; - case NET_SAMSYNC_MODE_FETCH_LDIF: - action = "Fetching (to ldif)"; - break; - default: - action = "Unknown"; - break; - } - - switch (database_id) { - case SAM_DATABASE_DOMAIN: - str = talloc_asprintf(mem_ctx, "%s DOMAIN database", - action); - break; - case SAM_DATABASE_BUILTIN: - str = talloc_asprintf(mem_ctx, "%s BUILTIN database", - action); - break; - case SAM_DATABASE_PRIVS: - str = talloc_asprintf(mem_ctx, "%s PRIVS database", - action); - break; - default: - str = talloc_asprintf(mem_ctx, "%s unknown database type %u", - action, database_id); - break; - } - - if (!str) { - return NULL; - } - - return str; -} - -typedef NTSTATUS (*samsync_fn_t)(TALLOC_CTX *, - enum netr_SamDatabaseID, - struct netr_DELTA_ENUM_ARRAY *, - NTSTATUS, - struct samsync_context *); - -static NTSTATUS samsync_process_database(struct rpc_pipe_client *pipe_hnd, - enum netr_SamDatabaseID database_id, - samsync_fn_t callback_fn, - struct samsync_context *ctx) -{ - NTSTATUS result; - TALLOC_CTX *mem_ctx; - const char *logon_server = pipe_hnd->desthost; - const char *computername = global_myname(); - struct netr_Authenticator credential; - struct netr_Authenticator return_authenticator; - uint16_t restart_state = 0; - uint32_t sync_context = 0; - const char *debug_str; - DATA_BLOB session_key; - - ZERO_STRUCT(return_authenticator); - - if (!(mem_ctx = talloc_init("samsync_process_database"))) { - return NT_STATUS_NO_MEMORY; - } - - debug_str = samsync_debug_str(mem_ctx, ctx->mode, database_id); - if (debug_str) { - d_fprintf(stderr, "%s\n", debug_str); - } - - do { - struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; - - netlogon_creds_client_step(pipe_hnd->dc, &credential); - - result = rpccli_netr_DatabaseSync2(pipe_hnd, mem_ctx, - logon_server, - computername, - &credential, - &return_authenticator, - database_id, - restart_state, - &sync_context, - &delta_enum_array, - 0xffff); - if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) { - return result; - } - - /* Check returned credentials. */ - if (!netlogon_creds_client_check(pipe_hnd->dc, - &return_authenticator.cred)) { - DEBUG(0,("credentials chain check failed\n")); - return NT_STATUS_ACCESS_DENIED; - } - - if (NT_STATUS_IS_ERR(result)) { - break; - } - - session_key = data_blob_const(pipe_hnd->dc->sess_key, 16); - - samsync_fix_delta_array(mem_ctx, - &session_key, - true, - database_id, - delta_enum_array); - - /* Process results */ - callback_fn(mem_ctx, database_id, delta_enum_array, result, ctx); - - TALLOC_FREE(delta_enum_array); - - /* Increment sync_context */ - sync_context += 1; - - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - - talloc_destroy(mem_ctx); - - return result; -} - /* dump sam database via samsync rpc calls */ NTSTATUS rpc_samdump_internals(struct net_context *c, const DOM_SID *domain_sid, -- cgit