2
Unix SMB/CIFS implementation.
4
Copyright (C) Volker Lendecke 2005
6
This program is free software; you can redistribute it and/or modify
7
it under the terms of the GNU General Public License as published by
8
the Free Software Foundation; either version 3 of the License, or
9
(at your option) any later version.
11
This program is distributed in the hope that it will be useful,
12
but WITHOUT ANY WARRANTY; without even the implied warranty of
13
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
GNU General Public License for more details.
16
You should have received a copy of the GNU General Public License
17
along with this program. If not, see <http://www.gnu.org/licenses/>.
20
a composite API for finding a DC and its name
24
#include "libcli/composite/composite.h"
25
#include "winbind/wb_async_helpers.h"
27
#include "lib/messaging/irpc.h"
28
#include "librpc/gen_ndr/irpc.h"
29
#include "auth/credentials/credentials.h"
30
#include "libcli/security/security.h"
31
#include "libcli/auth/libcli_auth.h"
32
#include "librpc/gen_ndr/ndr_netlogon_c.h"
33
#include "librpc/gen_ndr/ndr_lsa_c.h"
34
#include "librpc/gen_ndr/ndr_samr_c.h"
36
#include "winbind/wb_helper.h"
38
struct lsa_lookupsids_state {
39
struct composite_context *ctx;
41
struct lsa_LookupSids r;
42
struct lsa_SidArray sids;
43
struct lsa_TransNameArray names;
44
struct lsa_RefDomainList *domains;
46
struct wb_sid_object **result;
49
static void lsa_lookupsids_recv_names(struct rpc_request *req);
51
struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx,
52
struct dcerpc_pipe *lsa_pipe,
53
struct policy_handle *handle,
55
const struct dom_sid **sids)
57
struct composite_context *result;
58
struct rpc_request *req;
59
struct lsa_lookupsids_state *state;
62
result = composite_create(mem_ctx, lsa_pipe->conn->event_ctx);
63
if (result == NULL) goto failed;
65
state = talloc(result, struct lsa_lookupsids_state);
66
if (state == NULL) goto failed;
67
result->private_data = state;
70
state->sids.num_sids = num_sids;
71
state->sids.sids = talloc_array(state, struct lsa_SidPtr, num_sids);
72
if (state->sids.sids == NULL) goto failed;
74
for (i=0; i<num_sids; i++) {
75
state->sids.sids[i].sid = dom_sid_dup(state->sids.sids,
77
if (state->sids.sids[i].sid == NULL) goto failed;
80
state->domains = talloc(state, struct lsa_RefDomainList);
81
if (state->domains == NULL) goto failed;
84
state->num_sids = num_sids;
85
state->names.count = 0;
86
state->names.names = NULL;
88
state->r.in.handle = handle;
89
state->r.in.sids = &state->sids;
90
state->r.in.names = &state->names;
91
state->r.in.level = 1;
92
state->r.in.count = &state->count;
93
state->r.out.names = &state->names;
94
state->r.out.count = &state->count;
95
state->r.out.domains = &state->domains;
97
req = dcerpc_lsa_LookupSids_send(lsa_pipe, state, &state->r);
98
if (req == NULL) goto failed;
100
req->async.callback = lsa_lookupsids_recv_names;
101
req->async.private_data = state;
109
static void lsa_lookupsids_recv_names(struct rpc_request *req)
111
struct lsa_lookupsids_state *state =
112
talloc_get_type(req->async.private_data,
113
struct lsa_lookupsids_state);
116
state->ctx->status = dcerpc_ndr_request_recv(req);
117
if (!composite_is_ok(state->ctx)) return;
118
state->ctx->status = state->r.out.result;
119
if (!NT_STATUS_IS_OK(state->ctx->status) &&
120
!NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) {
121
composite_error(state->ctx, state->ctx->status);
125
state->result = talloc_array(state, struct wb_sid_object *,
127
if (composite_nomem(state->result, state->ctx)) return;
129
for (i=0; i<state->num_sids; i++) {
130
struct lsa_TranslatedName *name =
131
&state->r.out.names->names[i];
132
struct lsa_DomainInfo *dom;
133
struct lsa_RefDomainList *domains =
136
state->result[i] = talloc_zero(state->result,
137
struct wb_sid_object);
138
if (composite_nomem(state->result[i], state->ctx)) return;
140
state->result[i]->type = name->sid_type;
141
if (state->result[i]->type == SID_NAME_UNKNOWN) {
145
if (name->sid_index >= domains->count) {
146
composite_error(state->ctx,
147
NT_STATUS_INVALID_PARAMETER);
151
dom = &domains->domains[name->sid_index];
152
state->result[i]->domain = talloc_reference(state->result[i],
154
if ((name->sid_type == SID_NAME_DOMAIN) ||
155
(name->name.string == NULL)) {
156
state->result[i]->name =
157
talloc_strdup(state->result[i], "");
159
state->result[i]->name =
160
talloc_steal(state->result[i],
164
if (composite_nomem(state->result[i]->name, state->ctx)) {
169
composite_done(state->ctx);
172
NTSTATUS wb_lsa_lookupsids_recv(struct composite_context *c,
174
struct wb_sid_object ***names)
176
NTSTATUS status = composite_wait(c);
177
if (NT_STATUS_IS_OK(status)) {
178
struct lsa_lookupsids_state *state =
179
talloc_get_type(c->private_data,
180
struct lsa_lookupsids_state);
181
*names = talloc_steal(mem_ctx, state->result);
188
struct lsa_lookupnames_state {
189
struct composite_context *ctx;
191
struct lsa_LookupNames r;
192
struct lsa_TransSidArray sids;
193
struct lsa_RefDomainList *domains;
195
struct wb_sid_object **result;
198
static void lsa_lookupnames_recv_sids(struct rpc_request *req);
200
struct composite_context *wb_lsa_lookupnames_send(TALLOC_CTX *mem_ctx,
201
struct dcerpc_pipe *lsa_pipe,
202
struct policy_handle *handle,
206
struct composite_context *result;
207
struct rpc_request *req;
208
struct lsa_lookupnames_state *state;
210
struct lsa_String *lsa_names;
213
result = composite_create(mem_ctx, lsa_pipe->conn->event_ctx);
214
if (result == NULL) goto failed;
216
state = talloc(result, struct lsa_lookupnames_state);
217
if (state == NULL) goto failed;
218
result->private_data = state;
221
state->sids.count = 0;
222
state->sids.sids = NULL;
223
state->num_names = num_names;
226
lsa_names = talloc_array(state, struct lsa_String, num_names);
227
if (lsa_names == NULL) goto failed;
229
for (i=0; i<num_names; i++) {
230
lsa_names[i].string = names[i];
233
state->domains = talloc(state, struct lsa_RefDomainList);
234
if (state->domains == NULL) goto failed;
236
state->r.in.handle = handle;
237
state->r.in.num_names = num_names;
238
state->r.in.names = lsa_names;
239
state->r.in.sids = &state->sids;
240
state->r.in.level = 1;
241
state->r.in.count = &state->count;
242
state->r.out.count = &state->count;
243
state->r.out.sids = &state->sids;
244
state->r.out.domains = &state->domains;
246
req = dcerpc_lsa_LookupNames_send(lsa_pipe, state, &state->r);
247
if (req == NULL) goto failed;
249
req->async.callback = lsa_lookupnames_recv_sids;
250
req->async.private_data = state;
258
static void lsa_lookupnames_recv_sids(struct rpc_request *req)
260
struct lsa_lookupnames_state *state =
261
talloc_get_type(req->async.private_data,
262
struct lsa_lookupnames_state);
265
state->ctx->status = dcerpc_ndr_request_recv(req);
266
if (!composite_is_ok(state->ctx)) return;
267
state->ctx->status = state->r.out.result;
268
if (!NT_STATUS_IS_OK(state->ctx->status) &&
269
!NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) {
270
composite_error(state->ctx, state->ctx->status);
274
state->result = talloc_array(state, struct wb_sid_object *,
276
if (composite_nomem(state->result, state->ctx)) return;
278
for (i=0; i<state->num_names; i++) {
279
struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i];
280
struct lsa_RefDomainList *domains = state->domains;
281
struct lsa_DomainInfo *dom;
283
state->result[i] = talloc_zero(state->result,
284
struct wb_sid_object);
285
if (composite_nomem(state->result[i], state->ctx)) return;
287
state->result[i]->type = sid->sid_type;
288
if (state->result[i]->type == SID_NAME_UNKNOWN) {
292
if (sid->sid_index >= domains->count) {
293
composite_error(state->ctx,
294
NT_STATUS_INVALID_PARAMETER);
298
dom = &domains->domains[sid->sid_index];
300
state->result[i]->sid = dom_sid_add_rid(state->result[i],
304
composite_done(state->ctx);
307
NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c,
309
struct wb_sid_object ***sids)
311
NTSTATUS status = composite_wait(c);
312
if (NT_STATUS_IS_OK(status)) {
313
struct lsa_lookupnames_state *state =
314
talloc_get_type(c->private_data,
315
struct lsa_lookupnames_state);
316
*sids = talloc_steal(mem_ctx, state->result);
321
struct samr_getuserdomgroups_state {
322
struct composite_context *ctx;
323
struct dcerpc_pipe *samr_pipe;
328
struct samr_RidWithAttributeArray *rid_array;
330
struct policy_handle *user_handle;
331
struct samr_OpenUser o;
332
struct samr_GetGroupsForUser g;
336
static void samr_usergroups_recv_open(struct rpc_request *req);
337
static void samr_usergroups_recv_groups(struct rpc_request *req);
338
static void samr_usergroups_recv_close(struct rpc_request *req);
340
struct composite_context *wb_samr_userdomgroups_send(TALLOC_CTX *mem_ctx,
341
struct dcerpc_pipe *samr_pipe,
342
struct policy_handle *domain_handle,
345
struct composite_context *result;
346
struct rpc_request *req;
347
struct samr_getuserdomgroups_state *state;
349
result = composite_create(mem_ctx, samr_pipe->conn->event_ctx);
350
if (result == NULL) goto failed;
352
state = talloc(result, struct samr_getuserdomgroups_state);
353
if (state == NULL) goto failed;
354
result->private_data = state;
357
state->samr_pipe = samr_pipe;
359
state->user_handle = talloc(state, struct policy_handle);
360
if (state->user_handle == NULL) goto failed;
362
state->o.in.domain_handle = domain_handle;
363
state->o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
364
state->o.in.rid = rid;
365
state->o.out.user_handle = state->user_handle;
367
req = dcerpc_samr_OpenUser_send(state->samr_pipe, state, &state->o);
368
if (req == NULL) goto failed;
370
req->async.callback = samr_usergroups_recv_open;
371
req->async.private_data = state;
379
static void samr_usergroups_recv_open(struct rpc_request *req)
381
struct samr_getuserdomgroups_state *state =
382
talloc_get_type(req->async.private_data,
383
struct samr_getuserdomgroups_state);
385
state->ctx->status = dcerpc_ndr_request_recv(req);
386
if (!composite_is_ok(state->ctx)) return;
387
state->ctx->status = state->o.out.result;
388
if (!composite_is_ok(state->ctx)) return;
390
state->g.in.user_handle = state->user_handle;
391
state->g.out.rids = &state->rid_array;
393
req = dcerpc_samr_GetGroupsForUser_send(state->samr_pipe, state,
395
composite_continue_rpc(state->ctx, req, samr_usergroups_recv_groups,
399
static void samr_usergroups_recv_groups(struct rpc_request *req)
401
struct samr_getuserdomgroups_state *state =
402
talloc_get_type(req->async.private_data,
403
struct samr_getuserdomgroups_state);
405
state->ctx->status = dcerpc_ndr_request_recv(req);
406
if (!composite_is_ok(state->ctx)) return;
407
state->ctx->status = state->g.out.result;
408
if (!composite_is_ok(state->ctx)) return;
410
state->c.in.handle = state->user_handle;
411
state->c.out.handle = state->user_handle;
413
req = dcerpc_samr_Close_send(state->samr_pipe, state, &state->c);
414
composite_continue_rpc(state->ctx, req, samr_usergroups_recv_close,
418
static void samr_usergroups_recv_close(struct rpc_request *req)
420
struct samr_getuserdomgroups_state *state =
421
talloc_get_type(req->async.private_data,
422
struct samr_getuserdomgroups_state);
424
state->ctx->status = dcerpc_ndr_request_recv(req);
425
if (!composite_is_ok(state->ctx)) return;
426
state->ctx->status = state->c.out.result;
427
if (!composite_is_ok(state->ctx)) return;
429
composite_done(state->ctx);
432
NTSTATUS wb_samr_userdomgroups_recv(struct composite_context *ctx,
434
int *num_rids, uint32_t **rids)
436
struct samr_getuserdomgroups_state *state =
437
talloc_get_type(ctx->private_data,
438
struct samr_getuserdomgroups_state);
441
NTSTATUS status = composite_wait(ctx);
442
if (!NT_STATUS_IS_OK(status)) goto done;
444
*num_rids = state->rid_array->count;
445
*rids = talloc_array(mem_ctx, uint32_t, *num_rids);
447
status = NT_STATUS_NO_MEMORY;
451
for (i=0; i<*num_rids; i++) {
452
(*rids)[i] = state->rid_array->rids[i].rid;