search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: This module needs rewriting...
[Samba.git] / source4 / winbind / wb_connect_sam.c
blob06937b2dee3b1b72883ad6cc01130548988ff616
1 /*
2 Unix SMB/CIFS implementation.
3
4 Connect to the SAMR pipe, and return connection and domain handles.
5
6 Copyright (C) Volker Lendecke 2005
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2007
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "libcli/composite/composite.h"
25
26 #include "libcli/security/security.h"
27 #include "librpc/gen_ndr/ndr_samr_c.h"
28 #include "winbind/wb_server.h"
29
30
31 /* Helper to initialize SAMR with a specific auth methods. Verify by opening
32 * the SAM handle */
33
34 struct connect_samr_state {
35 struct composite_context *ctx;
36 struct dom_sid *sid;
37
38 struct dcerpc_pipe *samr_pipe;
39 struct policy_handle *connect_handle;
40 struct policy_handle *domain_handle;
41
42 struct samr_Connect2 c;
43 struct samr_OpenDomain o;
44 };
45
46 static void connect_samr_recv_pipe(struct composite_context *ctx);
47 static void connect_samr_recv_conn(struct tevent_req *subreq);
48 static void connect_samr_recv_open(struct tevent_req *subreq);
49
50 struct composite_context *wb_connect_samr_send(TALLOC_CTX *mem_ctx,
51 struct wbsrv_domain *domain)
52 {
53 struct composite_context *result, *ctx;
54 struct connect_samr_state *state;
55
56 result = composite_create(mem_ctx, domain->netlogon_pipe->conn->event_ctx);
57 if (result == NULL) goto failed;
58
59 state = talloc(result, struct connect_samr_state);
60 if (state == NULL) goto failed;
61 state->ctx = result;
62 result->private_data = state;
63
64 state->sid = dom_sid_dup(state, domain->info->sid);
65 if (state->sid == NULL) goto failed;
66
67 /* this will make the secondary connection on the same IPC$ share,
68 secured with SPNEGO, NTLMSSP or SCHANNEL */
69 ctx = dcerpc_secondary_auth_connection_send(domain->netlogon_pipe,
70 domain->samr_binding,
71 &ndr_table_samr,
72 domain->libnet_ctx->cred,
73 domain->libnet_ctx->lp_ctx);
74 composite_continue(state->ctx, ctx, connect_samr_recv_pipe, state);
75 return result;
76
77 failed:
78 talloc_free(result);
79 return NULL;
80 }
81
82 static void connect_samr_recv_pipe(struct composite_context *ctx)
83 {
84 struct connect_samr_state *state =
85 talloc_get_type(ctx->async.private_data,
86 struct connect_samr_state);
87 struct tevent_req *subreq;
88
89 state->ctx->status = dcerpc_secondary_auth_connection_recv(ctx, state,
90 &state->samr_pipe);
91 if (!composite_is_ok(state->ctx)) return;
92
93 state->connect_handle = talloc(state, struct policy_handle);
94 if (composite_nomem(state->connect_handle, state->ctx)) return;
95
96 state->c.in.system_name =
97 talloc_asprintf(state, "\\\\%s",
98 dcerpc_server_name(state->samr_pipe));
99 state->c.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
100 state->c.out.connect_handle = state->connect_handle;
101
102 subreq = dcerpc_samr_Connect2_r_send(state,
103 state->ctx->event_ctx,
104 state->samr_pipe->binding_handle,
105 &state->c);
106 if (composite_nomem(subreq, state->ctx)) return;
107 tevent_req_set_callback(subreq, connect_samr_recv_conn, state);
108 }
109
110 static void connect_samr_recv_conn(struct tevent_req *subreq)
111 {
112 struct connect_samr_state *state =
113 tevent_req_callback_data(subreq,
114 struct connect_samr_state);
115
116 state->ctx->status = dcerpc_samr_Connect2_r_recv(subreq, state);
117 TALLOC_FREE(subreq);
118 if (!composite_is_ok(state->ctx)) return;
119 state->ctx->status = state->c.out.result;
120 if (!composite_is_ok(state->ctx)) return;
121
122 state->domain_handle = talloc(state, struct policy_handle);
123 if (composite_nomem(state->domain_handle, state->ctx)) return;
124
125 state->o.in.connect_handle = state->connect_handle;
126 state->o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
127 state->o.in.sid = state->sid;
128 state->o.out.domain_handle = state->domain_handle;
129
130 subreq = dcerpc_samr_OpenDomain_r_send(state,
131 state->ctx->event_ctx,
132 state->samr_pipe->binding_handle,
133 &state->o);
134 if (composite_nomem(subreq, state->ctx)) return;
135 tevent_req_set_callback(subreq, connect_samr_recv_open, state);
136 }
137
138 static void connect_samr_recv_open(struct tevent_req *subreq)
139 {
140 struct connect_samr_state *state =
141 tevent_req_callback_data(subreq,
142 struct connect_samr_state);
143
144 state->ctx->status = dcerpc_samr_OpenDomain_r_recv(subreq, state);
145 TALLOC_FREE(subreq);
146 if (!composite_is_ok(state->ctx)) return;
147 state->ctx->status = state->o.out.result;
148 if (!composite_is_ok(state->ctx)) return;
149
150 composite_done(state->ctx);
151 }
152
153 NTSTATUS wb_connect_samr_recv(struct composite_context *c,
154 TALLOC_CTX *mem_ctx,
155 struct dcerpc_pipe **samr_pipe,
156 struct policy_handle *connect_handle,
157 struct policy_handle *domain_handle)
158 {
159 NTSTATUS status = composite_wait(c);
160 if (NT_STATUS_IS_OK(status)) {
161 struct connect_samr_state *state =
162 talloc_get_type(c->private_data,
163 struct connect_samr_state);
164 *samr_pipe = talloc_steal(mem_ctx, state->samr_pipe);
165 *connect_handle = *state->connect_handle;
166 *domain_handle = *state->domain_handle;
167 }
168 talloc_free(c);
169 return status;
170 }
171
Samba GIT mirror