/*
Unix SMB/CIFS implementation.
RPC pipe client
Copyright (C) Tim Potter 2000-2001,
Copyright (C) Andrew Tridgell 1992-1997,2000,
Copyright (C) Rafal Szczesniak 2002
Copyright (C) Jeremy Allison 2005.
Copyright (C) Michael Adam 2007.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
*/
#include "includes.h"
/** @defgroup lsa LSA - Local Security Architecture
* @ingroup rpc_client
*
* @{
**/
/**
* @file cli_lsarpc.c
*
* RPC client routines for the LSA RPC pipe. LSA means "local
* security authority", which is half of a password database.
**/
/** Open a LSA policy handle
*
* @param cli Handle on an initialised SMB connection */
NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
bool sec_qos, uint32 des_access,
POLICY_HND *pol)
{
prs_struct qbuf, rbuf;
LSA_Q_OPEN_POL q;
LSA_R_OPEN_POL r;
LSA_SEC_QOS qos;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Initialise input parameters */
if (sec_qos) {
init_lsa_sec_qos(&qos, 2, 1, 0);
init_q_open_pol(&q, '\\', 0, des_access, &qos);
} else {
init_q_open_pol(&q, '\\', 0, des_access, NULL);
}
/* Marshall data and send request */
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY,
q, r,
qbuf, rbuf,
lsa_io_q_open_pol,
lsa_io_r_open_pol,
NT_STATUS_UNSUCCESSFUL );
/* Return output parameters */
result = r.status;
if (NT_STATUS_IS_OK(result)) {
*pol = r.pol;
}
return result;
}
/** Open a LSA policy handle
*
* @param cli Handle on an initialised SMB connection
*/
NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, bool sec_qos,
uint32 des_access, POLICY_HND *pol)
{
prs_struct qbuf, rbuf;
LSA_Q_OPEN_POL2 q;
LSA_R_OPEN_POL2 r;
LSA_SEC_QOS qos;
NTSTATUS result;
char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
ZERO_STRUCT(q);
ZERO_STRUCT(r);
if (sec_qos) {
init_lsa_sec_qos(&qos, 2, 1, 0);
init_q_open_pol2(&q, srv_name_slash, 0, des_access, &qos);
} else {
init_q_open_pol2(&q, srv_name_slash, 0, des_access, NULL);
}
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY2,
q, r,
qbuf, rbuf,
lsa_io_q_open_pol2,
lsa_io_r_open_pol2,
NT_STATUS_UNSUCCESSFUL );
/* Return output parameters */
result = r.status;
if (NT_STATUS_IS_OK(result)) {
*pol = r.pol;
}
return result;
}
/* Lookup a list of sids
*
* internal version withOUT memory allocation of the target arrays.
* this assumes suffciently sized arrays to store domains, names and types. */
static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
POLICY_HND *pol,
int num_sids,
const DOM_SID *sids,
char **domains,
char **names,
enum lsa_SidType *types)
{
prs_struct qbuf, rbuf;
LSA_Q_LOOKUP_SIDS q;
LSA_R_LOOKUP_SIDS r;
DOM_R_REF ref;
NTSTATUS result = NT_STATUS_OK;
TALLOC_CTX *tmp_ctx = NULL;
int i;
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
DEBUG(0, ("rpccli_lsa_lookup_sids_noalloc: out of memory!\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_q_lookup_sids(tmp_ctx, &q, pol, num_sids, sids, 1);
ZERO_STRUCT(ref);
r.dom_ref = &ref;
CLI_DO_RPC( cli, tmp_ctx, PI_LSARPC, LSA_LOOKUPSIDS,
q, r,
qbuf, rbuf,
lsa_io_q_lookup_sids,
lsa_io_r_lookup_sids,
NT_STATUS_UNSUCCESSFUL );
DEBUG(10, ("LSA_LOOKUPSIDS returned '%s', mapped count = %d'\n",
nt_errstr(r.status), r.mapped_count));
if (!NT_STATUS_IS_OK(r.status) &&
!NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) &&
!NT_STATUS_EQUAL(r.status, STATUS_SOME_UNMAPPED))
{
/* An actual error occured */
result = r.status;
goto done;
}
/* Return output parameters */
if (NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) ||
(r.mapped_count == 0))
{
for (i = 0; i < num_sids; i++) {
(names)[i] = NULL;
(domains)[i] = NULL;
(types)[i] = SID_NAME_UNKNOWN;
}
result = NT_STATUS_NONE_MAPPED;
goto done;
}
for (i = 0; i < num_sids; i++) {
fstring name, dom_name;
uint32 dom_idx = r.names.name[i].domain_idx;
/* Translate optimised name through domain index array */
if (dom_idx != 0xffffffff) {
rpcstr_pull_unistr2_fstring(
dom_name, &ref.ref_dom[dom_idx].uni_dom_name);
rpcstr_pull_unistr2_fstring(
name, &r.names.uni_name[i]);
(names)[i] = talloc_strdup(mem_ctx, name);
(domains)[i] = talloc_strdup(mem_ctx, dom_name);
(types)[i] = r.names.name[i].sid_name_use;
if (((names)[i] == NULL) || ((domains)[i] == NULL)) {
DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
} else {
(names)[i] = NULL;
(domains)[i] = NULL;
(types)[i] = SID_NAME_UNKNOWN;
}
}
done:
TALLOC_FREE(tmp_ctx);
return result;
}
/* Lookup a list of sids
*
* do it the right way: there is a limit (of 20480 for w2k3) entries
* returned by this call. when the sids list contains more entries,
* empty lists are returned. This version of lsa_lookup_sids passes
* the list of sids in hunks of LOOKUP_SIDS_HUNK_SIZE to the lsa call. */
/* This constant defines the limit of how many sids to look up
* in one call (maximum). the limit from the server side is
* at 20480 for win2k3, but we keep it at a save 1000 for now. */
#define LOOKUP_SIDS_HUNK_SIZE 1000
NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
POLICY_HND *pol,
int num_sids,
const DOM_SID *sids,
char ***domains,
char ***names,
enum lsa_SidType **types)
{
NTSTATUS result = NT_STATUS_OK;
int sids_left = 0;
int sids_processed = 0;
const DOM_SID *hunk_sids = sids;
char **hunk_domains = NULL;
char **hunk_names = NULL;
enum lsa_SidType *hunk_types = NULL;
if (num_sids) {
if (!((*domains) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
DEBUG(0, ("rpccli_lsa_lookup_sids(): out of memory\n"));
result = NT_STATUS_NO_MEMORY;
goto fail;
}
if (!((*names) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
DEBUG(0, ("rpccli_lsa_lookup_sids(): out of memory\n"));
result = NT_STATUS_NO_MEMORY;
goto fail;
}
if (!((*types) = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_sids))) {
DEBUG(0, ("rpccli_lsa_lookup_sids(): out of memory\n"));
result = NT_STATUS_NO_MEMORY;
goto fail;
}
} else {
(*domains) = NULL;
(*names) = NULL;
(*types) = NULL;
}
sids_left = num_sids;
hunk_domains = *domains;
hunk_names = *names;
hunk_types = *types;
while (sids_left > 0) {
int hunk_num_sids;
NTSTATUS hunk_result = NT_STATUS_OK;
hunk_num_sids = ((sids_left > LOOKUP_SIDS_HUNK_SIZE)
? LOOKUP_SIDS_HUNK_SIZE
: sids_left);
DEBUG(10, ("rpccli_lsa_lookup_sids: processing items "
"%d -- %d of %d.\n",
sids_processed,
sids_processed + hunk_num_sids - 1,
num_sids));
hunk_result = rpccli_lsa_lookup_sids_noalloc(cli,
mem_ctx,
pol,
hunk_num_sids,
hunk_sids,
hunk_domains,
hunk_names,
hunk_types);
if (!NT_STATUS_IS_OK(hunk_result) &&
!NT_STATUS_EQUAL(hunk_result, STATUS_SOME_UNMAPPED) &&
!NT_STATUS_EQUAL(hunk_result, NT_STATUS_NONE_MAPPED))
{
/* An actual error occured */
result = hunk_result;
goto fail;
}
/* adapt overall result */
if (( NT_STATUS_IS_OK(result) &&
!NT_STATUS_IS_OK(hunk_result))
||
( NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) &&
!NT_STATUS_EQUAL(hunk_result, NT_STATUS_NONE_MAPPED)))
{
result = STATUS_SOME_UNMAPPED;
}
sids_left -= hunk_num_sids;
sids_processed += hunk_num_sids; /* only used in DEBUG */
hunk_sids += hunk_num_sids;
hunk_domains += hunk_num_sids;
hunk_names += hunk_num_sids;
hunk_types += hunk_num_sids;
}
return result;
fail:
TALLOC_FREE(*domains);
TALLOC_FREE(*names);
TALLOC_FREE(*types);
return result;
}
/** Lookup a list of names */
NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
POLICY_HND *pol, int num_names,
const char **names,
const char ***dom_names,
int level,
DOM_SID **sids,
enum lsa_SidType **types)
{
prs_struct qbuf, rbuf;
LSA_Q_LOOKUP_NAMES q;
LSA_R_LOOKUP_NAMES r;
DOM_R_REF ref;
NTSTATUS result;
int i;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
ZERO_STRUCT(ref);
r.dom_ref = &ref;
init_q_lookup_names(mem_ctx, &q, pol, num_names, names, level);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES,
q, r,
qbuf, rbuf,
lsa_io_q_lookup_names,
lsa_io_r_lookup_names,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
/* An actual error occured */
goto done;
}
/* Return output parameters */
if (r.mapped_count == 0) {
result = NT_STATUS_NONE_MAPPED;
goto done;
}
if (num_names) {
if (!((*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, num_names)))) {
DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
}
if (!((*types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_names)))) {
DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
}
if (dom_names != NULL) {
*dom_names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
if (*dom_names == NULL) {
DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
}
}
} else {
*sids = NULL;
*types = NULL;
if (dom_names != NULL) {
*dom_names = NULL;
}
}
for (i = 0; i < num_names; i++) {
DOM_RID *t_rids = r.dom_rid;
uint32 dom_idx = t_rids[i].rid_idx;
uint32 dom_rid = t_rids[i].rid;
DOM_SID *sid = &(*sids)[i];
/* Translate optimised sid through domain index array */
if (dom_idx == 0xffffffff) {
/* Nothing to do, this is unknown */
ZERO_STRUCTP(sid);
(*types)[i] = SID_NAME_UNKNOWN;
continue;
}
sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
if (dom_rid != 0xffffffff) {
sid_append_rid(sid, dom_rid);
}
(*types)[i] = t_rids[i].type;
if (dom_names == NULL) {
continue;
}
(*dom_names)[i] = rpcstr_pull_unistr2_talloc(
*dom_names, &ref.ref_dom[dom_idx].uni_dom_name);
}
done:
return result;
}
NTSTATUS rpccli_lsa_query_info_policy_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint16 info_class,
LSA_INFO_CTR *ctr)
{
prs_struct qbuf, rbuf;
LSA_Q_QUERY_INFO q;
LSA_R_QUERY_INFO r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_q_query(&q, pol, info_class);
CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
q, r,
qbuf, rbuf,
lsa_io_q_query,
lsa_io_r_query,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
done:
*ctr = r.ctr;
return result;
}
NTSTATUS rpccli_lsa_query_info_policy2_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint16 info_class,
LSA_INFO_CTR2 *ctr)
{
prs_struct qbuf, rbuf;
LSA_Q_QUERY_INFO2 q;
LSA_R_QUERY_INFO2 r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_q_query2(&q, pol, info_class);
CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
q, r,
qbuf, rbuf,
lsa_io_q_query_info2,
lsa_io_r_query_info2,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
done:
*ctr = r.ctr;
return result;
}
/** Query info policy
*
* @param domain_sid - returned remote server's domain sid */
NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint16 info_class,
const char **domain_name,
DOM_SID **domain_sid)
{
prs_struct qbuf, rbuf;
LSA_Q_QUERY_INFO q;
LSA_R_QUERY_INFO r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_q_query(&q, pol, info_class);
CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
q, r,
qbuf, rbuf,
lsa_io_q_query,
lsa_io_r_query,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Return output parameters */
switch (info_class) {
case 3:
if (domain_name && (r.ctr.info.id3.buffer_dom_name != 0)) {
*domain_name = unistr2_to_ascii_talloc(mem_ctx,
&r.ctr.info.id3.
uni_domain_name);
if (!*domain_name) {
return NT_STATUS_NO_MEMORY;
}
}
if (domain_sid && (r.ctr.info.id3.buffer_dom_sid != 0)) {
*domain_sid = TALLOC_P(mem_ctx, DOM_SID);
if (!*domain_sid) {
return NT_STATUS_NO_MEMORY;
}
sid_copy(*domain_sid, &r.ctr.info.id3.dom_sid.sid);
}
break;
case 5:
if (domain_name && (r.ctr.info.id5.buffer_dom_name != 0)) {
*domain_name = unistr2_to_ascii_talloc(mem_ctx,
&r.ctr.info.id5.
uni_domain_name);
if (!*domain_name) {
return NT_STATUS_NO_MEMORY;
}
}
if (domain_sid && (r.ctr.info.id5.buffer_dom_sid != 0)) {
*domain_sid = TALLOC_P(mem_ctx, DOM_SID);
if (!*domain_sid) {
return NT_STATUS_NO_MEMORY;
}
sid_copy(*domain_sid, &r.ctr.info.id5.dom_sid.sid);
}
break;
default:
DEBUG(3, ("unknown info class %d\n", info_class));
break;
}
done:
return result;
}
/** Query info policy2
*
* @param domain_name - returned remote server's domain name
* @param dns_name - returned remote server's dns domain name
* @param forest_name - returned remote server's forest name
* @param domain_guid - returned remote server's domain guid
* @param domain_sid - returned remote server's domain sid */
NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint16 info_class,
const char **domain_name,
const char **dns_name,
const char **forest_name,
struct GUID **domain_guid,
DOM_SID **domain_sid)
{
prs_struct qbuf, rbuf;
LSA_Q_QUERY_INFO2 q;
LSA_R_QUERY_INFO2 r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
if (info_class != 12)
goto done;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_q_query2(&q, pol, info_class);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
q, r,
qbuf, rbuf,
lsa_io_q_query_info2,
lsa_io_r_query_info2,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Return output parameters */
ZERO_STRUCTP(domain_guid);
if (domain_name && r.ctr.info.id12.hdr_nb_dom_name.buffer) {
*domain_name = unistr2_to_ascii_talloc(mem_ctx,
&r.ctr.info.id12
.uni_nb_dom_name);
if (!*domain_name) {
return NT_STATUS_NO_MEMORY;
}
}
if (dns_name && r.ctr.info.id12.hdr_dns_dom_name.buffer) {
*dns_name = unistr2_to_ascii_talloc(mem_ctx,
&r.ctr.info.id12
.uni_dns_dom_name);
if (!*dns_name) {
return NT_STATUS_NO_MEMORY;
}
}
if (forest_name && r.ctr.info.id12.hdr_forest_name.buffer) {
*forest_name = unistr2_to_ascii_talloc(mem_ctx,
&r.ctr.info.id12
.uni_forest_name);
if (!*forest_name) {
return NT_STATUS_NO_MEMORY;
}
}
if (domain_guid) {
*domain_guid = TALLOC_P(mem_ctx, struct GUID);
if (!*domain_guid) {
return NT_STATUS_NO_MEMORY;
}
memcpy(*domain_guid,
&r.ctr.info.id12.dom_guid,
sizeof(struct GUID));
}
if (domain_sid && r.ctr.info.id12.ptr_dom_sid != 0) {
*domain_sid = TALLOC_P(mem_ctx, DOM_SID);
if (!*domain_sid) {
return NT_STATUS_NO_MEMORY;
}
sid_copy(*domain_sid,
&r.ctr.info.id12.dom_sid.sid);
}
done:
return result;
}
/**
* Enumerate list of trusted domains
*
* @param cli client state (cli_state) structure of the connection
* @param mem_ctx memory context
* @param pol opened lsa policy handle
* @param enum_ctx enumeration context ie. index of first returned domain entry
* @param pref_num_domains preferred max number of entries returned in one response
* @param num_domains total number of trusted domains returned by response
* @param domain_names returned trusted domain names
* @param domain_sids returned trusted domain sids
*
* @return nt status code of response
**/
NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint32 *enum_ctx,
uint32 *num_domains,
char ***domain_names, DOM_SID **domain_sids)
{
prs_struct qbuf, rbuf;
LSA_Q_ENUM_TRUST_DOM in;
LSA_R_ENUM_TRUST_DOM out;
int i;
fstring tmp;
ZERO_STRUCT(in);
ZERO_STRUCT(out);
/* 64k is enough for about 2000 trusted domains */
init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM,
in, out,
qbuf, rbuf,
lsa_io_q_enum_trust_dom,
lsa_io_r_enum_trust_dom,
NT_STATUS_UNSUCCESSFUL );
/* check for an actual error */
if ( !NT_STATUS_IS_OK(out.status)
&& !NT_STATUS_EQUAL(out.status, NT_STATUS_NO_MORE_ENTRIES)
&& !NT_STATUS_EQUAL(out.status, STATUS_MORE_ENTRIES) )
{
return out.status;
}
/* Return output parameters */
*num_domains = out.count;
*enum_ctx = out.enum_context;
if ( out.count ) {
/* Allocate memory for trusted domain names and sids */
if ( !(*domain_names = TALLOC_ARRAY(mem_ctx, char *, out.count)) ) {
DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
return NT_STATUS_NO_MEMORY;
}
if ( !(*domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, out.count)) ) {
DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
return NT_STATUS_NO_MEMORY;
}
/* Copy across names and sids */
for (i = 0; i < out.count; i++) {
rpcstr_pull( tmp, out.domlist->domains[i].name.string->buffer,
sizeof(tmp), out.domlist->domains[i].name.length, 0);
(*domain_names)[i] = talloc_strdup(mem_ctx, tmp);
sid_copy(&(*domain_sids)[i], &out.domlist->domains[i].sid->sid );
}
}
return out.status;
}
/** Enumerate privileges*/
NTSTATUS rpccli_lsa_enum_privilege(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length,
uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low)
{
prs_struct qbuf, rbuf;
LSA_Q_ENUM_PRIVS q;
LSA_R_ENUM_PRIVS r;
NTSTATUS result;
int i;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_q_enum_privs(&q, pol, *enum_context, pref_max_length);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_PRIVS,
q, r,
qbuf, rbuf,
lsa_io_q_enum_privs,
lsa_io_r_enum_privs,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Return output parameters */
*enum_context = r.enum_context;
*count = r.count;
if (r.count) {
if (!((*privs_name = TALLOC_ARRAY(mem_ctx, char *, r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!((*privs_high = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!((*privs_low = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
} else {
*privs_name = NULL;
*privs_high = NULL;
*privs_low = NULL;
}
for (i = 0; i < r.count; i++) {
fstring name;
rpcstr_pull_unistr2_fstring( name, &r.privs[i].name);
(*privs_name)[i] = talloc_strdup(mem_ctx, name);
(*privs_high)[i] = r.privs[i].luid_high;
(*privs_low)[i] = r.privs[i].luid_low;
}
done:
return result;
}
/** Get privilege name */
NTSTATUS rpccli_lsa_get_dispname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, const char *name,
uint16 lang_id, uint16 lang_id_sys,
fstring description, uint16 *lang_id_desc)
{
prs_struct qbuf, rbuf;
LSA_Q_PRIV_GET_DISPNAME q;
LSA_R_PRIV_GET_DISPNAME r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_lsa_priv_get_dispname(&q, pol, name, lang_id, lang_id_sys);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_PRIV_GET_DISPNAME,
q, r,
qbuf, rbuf,
lsa_io_q_priv_get_dispname,
lsa_io_r_priv_get_dispname,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Return output parameters */
rpcstr_pull_unistr2_fstring(description , &r.desc);
*lang_id_desc = r.lang_id;
done:
return result;
}
/** Enumerate list of SIDs */
NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length,
uint32 *num_sids, DOM_SID **sids)
{
prs_struct qbuf, rbuf;
LSA_Q_ENUM_ACCOUNTS q;
LSA_R_ENUM_ACCOUNTS r;
NTSTATUS result;
int i;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
init_lsa_q_enum_accounts(&q, pol, *enum_ctx, pref_max_length);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS,
q, r,
qbuf, rbuf,
lsa_io_q_enum_accounts,
lsa_io_r_enum_accounts,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
if (r.sids.num_entries==0)
goto done;
/* Return output parameters */
*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, r.sids.num_entries);
if (!*sids) {
DEBUG(0, ("(cli_lsa_enum_sids): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
/* Copy across names and sids */
for (i = 0; i < r.sids.num_entries; i++) {
sid_copy(&(*sids)[i], &r.sids.sid[i].sid);
}
*num_sids= r.sids.num_entries;
*enum_ctx = r.enum_context;
done:
return result;
}
/** Create a LSA user handle
*
* @param cli Handle on an initialised SMB connection
*
* FIXME: The code is actually identical to open account
* TODO: Check and code what the function should exactly do
*
* */
NTSTATUS rpccli_lsa_create_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *dom_pol, DOM_SID *sid, uint32 desired_access,
POLICY_HND *user_pol)
{
prs_struct qbuf, rbuf;
LSA_Q_CREATEACCOUNT q;
LSA_R_CREATEACCOUNT r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Initialise input parameters */
init_lsa_q_create_account(&q, dom_pol, sid, desired_access);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CREATEACCOUNT,
q, r,
qbuf, rbuf,
lsa_io_q_create_account,
lsa_io_r_create_account,
NT_STATUS_UNSUCCESSFUL);
/* Return output parameters */
result = r.status;
if (NT_STATUS_IS_OK(result)) {
*user_pol = r.pol;
}
return result;
}
/** Open a LSA user handle
*
* @param cli Handle on an initialised SMB connection */
NTSTATUS rpccli_lsa_open_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *dom_pol, DOM_SID *sid, uint32 des_access,
POLICY_HND *user_pol)
{
prs_struct qbuf, rbuf;
LSA_Q_OPENACCOUNT q;
LSA_R_OPENACCOUNT r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Initialise input parameters */
init_lsa_q_open_account(&q, dom_pol, sid, des_access);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENACCOUNT,
q, r,
qbuf, rbuf,
lsa_io_q_open_account,
lsa_io_r_open_account,
NT_STATUS_UNSUCCESSFUL);
/* Return output parameters */
result = r.status;
if (NT_STATUS_IS_OK(result)) {
*user_pol = r.pol;
}
return result;
}
/** Enumerate user privileges
*
* @param cli Handle on an initialised SMB connection */
NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, uint32 *count, LUID_ATTR **set)
{
prs_struct qbuf, rbuf;
LSA_Q_ENUMPRIVSACCOUNT q;
LSA_R_ENUMPRIVSACCOUNT r;
NTSTATUS result;
int i;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Initialise input parameters */
init_lsa_q_enum_privsaccount(&q, pol);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT,
q, r,
qbuf, rbuf,
lsa_io_q_enum_privsaccount,
lsa_io_r_enum_privsaccount,
NT_STATUS_UNSUCCESSFUL);
/* Return output parameters */
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
if (r.count == 0)
goto done;
if (!((*set = TALLOC_ARRAY(mem_ctx, LUID_ATTR, r.count)))) {
DEBUG(0, ("(cli_lsa_enum_privsaccount): out of memory\n"));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
for (i=0; istrings[i];
if ( !uni_string->string )
continue;
rpcstr_pull( privileges[i], uni_string->string->buffer, sizeof(privileges[i]), -1, STR_TERMINATE );
/* now copy to the return array */
names[i] = talloc_strdup( mem_ctx, privileges[i] );
}
*priv_names = names;
done:
return result;
}
/* add account rights to an account. */
NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, DOM_SID sid,
uint32 count, const char **privs_name)
{
prs_struct qbuf, rbuf;
LSA_Q_ADD_ACCT_RIGHTS q;
LSA_R_ADD_ACCT_RIGHTS r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Marshall data and send request */
init_q_add_acct_rights(&q, pol, &sid, count, privs_name);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS,
q, r,
qbuf, rbuf,
lsa_io_q_add_acct_rights,
lsa_io_r_add_acct_rights,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
done:
return result;
}
/* remove account rights for an account. */
NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, DOM_SID sid, bool removeall,
uint32 count, const char **privs_name)
{
prs_struct qbuf, rbuf;
LSA_Q_REMOVE_ACCT_RIGHTS q;
LSA_R_REMOVE_ACCT_RIGHTS r;
NTSTATUS result;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
/* Marshall data and send request */
init_q_remove_acct_rights(&q, pol, &sid, removeall?1:0, count, privs_name);
CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS,
q, r,
qbuf, rbuf,
lsa_io_q_remove_acct_rights,
lsa_io_r_remove_acct_rights,
NT_STATUS_UNSUCCESSFUL);
result = r.status;
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
done:
return result;
}
#if 0
/** An example of how to use the routines in this file. Fetch a DOMAIN
sid. Does complete cli setup / teardown anonymously. */
bool fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
{
struct cli_state cli;
NTSTATUS result;
POLICY_HND lsa_pol;
bool ret = False;
ZERO_STRUCT(cli);
if(cli_initialise(&cli) == False) {
DEBUG(0,("fetch_domain_sid: unable to initialize client connection.\n"));
return False;
}
if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
DEBUG(0,("fetch_domain_sid: Can't resolve address for %s\n", remote_machine));
goto done;
}
if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
DEBUG(0,("fetch_domain_sid: unable to connect to SMB server on \
machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
goto done;
}
if (!attempt_netbios_session_request(&cli, global_myname(), remote_machine, &cli.dest_ip)) {
DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n",
remote_machine));
goto done;
}
cli.protocol = PROTOCOL_NT1;
if (!cli_negprot(&cli)) {
DEBUG(0,("fetch_domain_sid: machine %s rejected the negotiate protocol. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
goto done;
}
if (cli.protocol != PROTOCOL_NT1) {
DEBUG(0,("fetch_domain_sid: machine %s didn't negotiate NT protocol.\n",
remote_machine));
goto done;
}
/*
* Do an anonymous session setup.
*/
if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
DEBUG(0,("fetch_domain_sid: machine %s rejected the session setup. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
goto done;
}
if (!(cli.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
DEBUG(0,("fetch_domain_sid: machine %s isn't in user level security mode\n",
remote_machine));
goto done;
}
if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
DEBUG(0,("fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
goto done;
}
/* Fetch domain sid */
if (!cli_nt_session_open(&cli, PI_LSARPC)) {
DEBUG(0, ("fetch_domain_sid: Error connecting to SAM pipe\n"));
goto done;
}
result = cli_lsa_open_policy(&cli, cli.mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &lsa_pol);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("fetch_domain_sid: Error opening lsa policy handle. %s\n",
nt_errstr(result) ));
goto done;
}
result = cli_lsa_query_info_policy(&cli, cli.mem_ctx, &lsa_pol, 5, domain, psid);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("fetch_domain_sid: Error querying lsa policy handle. %s\n",
nt_errstr(result) ));
goto done;
}
ret = True;
done:
cli_shutdown(&cli);
return ret;
}
#endif