2 Unix SMB/CIFS implementation.
3 async implementation of commands submitted over IRPC
4 Copyright (C) Volker Lendecke 2009
5 Copyright (C) Guenther Deschner 2009
6 Copyright (C) Andrew Bartlett 2014
7 Copyright (C) Andrew Tridgell 2009
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "librpc/gen_ndr/ndr_winbind_c.h"
26 #include "source4/lib/messaging/irpc.h"
27 #include "librpc/gen_ndr/ndr_winbind.h"
/*
 * State for one forwarded IRPC request, passed from
 * wb_irpc_forward_rpc_call() to wb_irpc_forward_callback() as the
 * tevent callback data.
 * NOTE(review): this listing is an extract with source lines missing; the
 * callback also reads st->opname, whose declaration is not among the lines
 * shown, and the closing brace is likewise absent.
 */
29 struct wb_irpc_forward_state
{
/* the IRPC message that irpc_send_reply() answers when the call completes */
30 struct irpc_message
*msg
;
/* req and dce_call are not referenced by any function visible in this listing */
31 struct winbind_DsrUpdateReadOnlyServerDnsRecords
*req
;
34 struct dcesrv_call_state
*dce_call
;
38 called when the forwarded rpc request is finished
/*
 * Completion callback for a call forwarded by wb_irpc_forward_rpc_call().
 *
 * Recovers the per-call state from the tevent request, collects the status
 * of the forwarded call and relays that status unchanged to the IRPC caller
 * through irpc_send_reply().
 *
 * NOTE(review): this listing skips source lines inside the body (the
 * declaration of status, the braces and whatever follows the reply in the
 * failure branch are not shown) - confirm against the full file.
 */
40 static void wb_irpc_forward_callback(struct tevent_req
*subreq
)
/* the state registered with tevent_req_set_callback() */
42 struct wb_irpc_forward_state
*st
=
43 tevent_req_callback_data(subreq
,
44 struct wb_irpc_forward_state
);
45 const char *opname
= st
->opname
;
/* fetch the result of the forwarded call */
48 status
= dcerpc_binding_handle_call_recv(subreq
);
/* failure: log the operation name and error text at level 0, then answer the caller with the error */
50 if (!NT_STATUS_IS_OK(status
)) {
51 DEBUG(0,("RPC callback failed for %s - %s\n",
52 opname
, nt_errstr(status
)));
53 irpc_send_reply(st
->msg
, status
);
/* reply with the received status; presumably reached only on success, assuming the failure branch above returns first - TODO confirm */
57 irpc_send_reply(st
->msg
, status
);
63 * Forward an RPC call using IRPC to another task
/*
 * Hand one IRPC request to the binding handle that dom_child_handle()
 * returns for `domain`, and arrange for the reply to be sent
 * asynchronously from wb_irpc_forward_callback().
 *
 * msg      IRPC message being handled; marked defer_reply once the call
 *          has been sent
 * mem_ctx  talloc parent of the per-call state
 * ev       event context passed to dcerpc_binding_handle_call_send()
 * r        request structure; the handlers in this file pass their req
 * callid   operation number; the handlers pass an NDR_WINBIND_* constant
 * domain   domain whose binding handle receives the call
 *
 * opname (used in the log messages) and timeout (applied to the binding
 * handle) are used in the body, but their parameter declarations are not
 * among the lines of this listing; the same holds for some arguments of
 * the send call and for the success return.
 *
 * Returns NT_STATUS_NO_MEMORY or NT_STATUS_UNSUCCESSFUL on the failure
 * paths shown.
 */
66 static NTSTATUS
wb_irpc_forward_rpc_call(struct irpc_message
*msg
, TALLOC_CTX
*mem_ctx
,
67 struct tevent_context
*ev
,
68 void *r
, uint32_t callid
,
70 struct winbindd_domain
*domain
,
73 struct wb_irpc_forward_state
*st
;
74 struct dcerpc_binding_handle
*binding_handle
;
75 struct tevent_req
*subreq
;
/* per-call state, allocated as a talloc child of mem_ctx */
77 st
= talloc(mem_ctx
, struct wb_irpc_forward_state
);
/* presumably the allocation-failure path; the NULL check itself is not shown in this listing */
79 return NT_STATUS_NO_MEMORY
;
85 binding_handle
= dom_child_handle(domain
);
/* NOTE(review): st is not released on this failure path in the lines shown; it stays attached to mem_ctx */
86 if (binding_handle
== NULL
) {
87 DEBUG(0,("%s: Failed to forward request to winbind handler for %s\n",
88 opname
, domain
->name
));
89 return NT_STATUS_UNSUCCESSFUL
;
92 /* reset timeout for the handle */
93 dcerpc_binding_handle_set_timeout(binding_handle
, timeout
);
95 /* forward the call */
/* st is the first argument of the send call, presumably the talloc parent of the subrequest - TODO confirm */
96 subreq
= dcerpc_binding_handle_call_send(st
, ev
,
98 NULL
, &ndr_table_winbind
,
/* NOTE(review): same log text as the binding-handle failure above, so the two failures cannot be told apart from the log */
101 if (subreq
== NULL
) {
102 DEBUG(0,("%s: Failed to forward request to winbind handler for %s\n",
103 opname
, domain
->name
));
104 return NT_STATUS_UNSUCCESSFUL
;
107 /* mark the request as replied async */
/* the reply itself is sent by wb_irpc_forward_callback() via irpc_send_reply() */
108 msg
->defer_reply
= true;
110 /* setup the callback */
111 tevent_req_set_callback(subreq
, wb_irpc_forward_callback
, st
);
/*
 * IRPC handler for winbind_DsrUpdateReadOnlyServerDnsRecords.
 *
 * Forwards the request to the domain returned by find_our_domain(),
 * returning NT_STATUS_NO_SUCH_DOMAIN when that lookup yields NULL.
 * No field of req is inspected here before forwarding.
 */
115 static NTSTATUS
wb_irpc_DsrUpdateReadOnlyServerDnsRecords(struct irpc_message
*msg
,
116 struct winbind_DsrUpdateReadOnlyServerDnsRecords
*req
)
118 struct winbindd_domain
*domain
= find_our_domain();
119 if (domain
== NULL
) {
120 return NT_STATUS_NO_SUCH_DOMAIN
;
123 DEBUG(5, ("wb_irpc_DsrUpdateReadOnlyServerDnsRecords called\n"));
/* msg is passed twice: as the message to answer and as the talloc parent of the call state */
125 return wb_irpc_forward_rpc_call(msg
, msg
,
126 winbind_event_context(),
127 req
, NDR_WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS
,
128 "winbind_DsrUpdateReadOnlyServerDnsRecords",
129 domain
, IRPC_CALL_TIMEOUT
);
/*
 * IRPC handler for winbind_SamLogon: work out which domain the logon is
 * for and forward the request to that domain.
 *
 * The domain name and account name are taken from the identity_info of
 * the logon union arm selected by req->in.logon_level; both strings are
 * supplied by the caller. A NULL union arm is rejected with
 * NT_STATUS_REQUEST_NOT_ACCEPTED before it is dereferenced.
 *
 * NOTE(review): this listing skips source lines inside the body (the
 * lines between the switch cases, several closing braces and some
 * returns are not shown) - confirm details against the full file.
 */
132 static NTSTATUS
wb_irpc_SamLogon(struct irpc_message
*msg
,
133 struct winbind_SamLogon
*req
)
135 struct winbindd_domain
*domain
;
136 struct netr_IdentityInfo
*identity_info
;
137 const char *target_domain_name
= NULL
;
138 const char *account_name
= NULL
;
/* pick the identity_info that belongs to the requested logon level */
140 switch (req
->in
.logon_level
) {
141 case NetlogonInteractiveInformation
:
142 case NetlogonServiceInformation
:
143 case NetlogonInteractiveTransitiveInformation
:
144 case NetlogonServiceTransitiveInformation
:
145 if (req
->in
.logon
.password
== NULL
) {
146 return NT_STATUS_REQUEST_NOT_ACCEPTED
;
148 identity_info
= &req
->in
.logon
.password
->identity_info
;
151 case NetlogonNetworkInformation
:
152 case NetlogonNetworkTransitiveInformation
:
153 if (req
->in
.logon
.network
== NULL
) {
154 return NT_STATUS_REQUEST_NOT_ACCEPTED
;
157 identity_info
= &req
->in
.logon
.network
->identity_info
;
160 case NetlogonGenericInformation
:
161 if (req
->in
.logon
.generic
== NULL
) {
162 return NT_STATUS_REQUEST_NOT_ACCEPTED
;
165 identity_info
= &req
->in
.logon
.generic
->identity_info
;
/* presumably the default case: any other logon level is rejected - TODO confirm */
169 return NT_STATUS_REQUEST_NOT_ACCEPTED
;
/* a missing domain name is treated as the empty string */
172 target_domain_name
= identity_info
->domain_name
.string
;
173 if (target_domain_name
== NULL
) {
174 target_domain_name
= "";
177 account_name
= identity_info
->account_name
.string
;
/* NULL account name: the replacement value is on a line not shown in this listing */
178 if (account_name
== NULL
) {
/* on a DC with no domain name given, look for an '@' in the account name */
182 if (IS_DC
&& target_domain_name
[0] == '\0') {
183 const char *p
= NULL
;
185 p
= strchr_m(account_name
, '@');
/* the text after the '@' becomes the domain name */
/* NOTE(review): p + 1 is only valid when strchr_m() found an '@'; the guard is presumably on the line missing just above - confirm */
187 target_domain_name
= p
+ 1;
/* still no domain name on a DC: log and refuse; both logged strings come from the request */
191 if (IS_DC
&& target_domain_name
[0] == '\0') {
192 DBG_ERR("target_domain[%s] account[%s]\n",
193 target_domain_name
, account_name
);
194 return NT_STATUS_REQUEST_NOT_ACCEPTED
;
/* resolve the name to a domain; the meaning of the first argument (0) is not visible here */
197 domain
= find_auth_domain(0, target_domain_name
);
/* unknown domain: answered through req->out as a non-authoritative NT_STATUS_NO_SUCH_USER */
198 if (domain
== NULL
) {
199 DBG_INFO("target_domain[%s] for account[%s] not known\n",
200 target_domain_name
, account_name
);
201 req
->out
.result
= NT_STATUS_NO_SUCH_USER
;
202 req
->out
.authoritative
= 0;
206 DEBUG(5, ("wb_irpc_SamLogon called\n"));
/* msg is passed twice: as the message to answer and as the talloc parent of the call state */
208 return wb_irpc_forward_rpc_call(msg
, msg
,
209 winbind_event_context(),
210 req
, NDR_WINBIND_SAMLOGON
,
212 domain
, IRPC_CALL_TIMEOUT
);
/*
 * IRPC handler for winbind_LogonControl.
 *
 * Accepts the four function codes listed in the switch, copies the
 * caller-supplied domain name onto a talloc stackframe, resolves it with
 * find_domain_from_name_noinit() and forwards the request to that domain
 * with a timeout value of 45.
 *
 * NOTE(review): this listing skips source lines inside the body; in
 * particular no release of `frame` is visible on any return path, and
 * what is done with the backslash position found for
 * NETLOGON_CONTROL_REDISCOVER is not shown - confirm both against the
 * full file.
 */
215 static NTSTATUS
wb_irpc_LogonControl(struct irpc_message
*msg
,
216 struct winbind_LogonControl
*req
)
218 TALLOC_CTX
*frame
= talloc_stackframe();
219 char *domain_name
= NULL
;
220 struct winbindd_domain
*domain
= NULL
;
222 DEBUG(5, ("wb_irpc_LogonControl called\n"));
224 switch (req
->in
.function_code
) {
225 case NETLOGON_CONTROL_REDISCOVER
:
226 case NETLOGON_CONTROL_TC_QUERY
:
227 case NETLOGON_CONTROL_CHANGE_PASSWORD
:
228 case NETLOGON_CONTROL_TC_VERIFY
:
/* NOTE(review): req->in.data is dereferenced without a NULL check in the lines shown - presumably guaranteed non-NULL by the caller; TODO confirm */
229 if (req
->in
.data
->domain
== NULL
) {
231 return NT_STATUS_INVALID_PARAMETER
;
/* private copy of the name, allocated on frame */
234 domain_name
= talloc_strdup(frame
, req
->in
.data
->domain
);
/* allocation failure is reported through req->out.result */
235 if (domain_name
== NULL
) {
236 req
->out
.result
= WERR_NOT_ENOUGH_MEMORY
;
/* presumably the default case: other function codes are not handled here - TODO confirm */
244 return NT_STATUS_NOT_IMPLEMENTED
;
247 if (req
->in
.function_code
== NETLOGON_CONTROL_REDISCOVER
) {
251 * NETLOGON_CONTROL_REDISCOVER
252 * get's an optional \dcname appended to the domain name
/* find the backslash that would introduce the optional dcname suffix */
254 p
= strchr_m(domain_name
, '\\');
260 domain
= find_domain_from_name_noinit(domain_name
);
/* unknown domain is reported through req->out.result */
261 if (domain
== NULL
) {
262 req
->out
.result
= WERR_NO_SUCH_DOMAIN
;
/* msg is passed twice: as the message to answer and as the talloc parent of the call state */
268 return wb_irpc_forward_rpc_call(msg
, msg
,
269 winbind_event_context(),
270 req
, NDR_WINBIND_LOGONCONTROL
,
271 "winbind_LogonControl",
272 domain
, 45 /* timeout */);
/*
 * IRPC handler for winbind_GetForestTrustInformation.
 *
 * Resolves req->in.trusted_domain_name with
 * find_domain_from_name_noinit() and forwards the request to that domain
 * with a timeout value of 45. A NULL name, an unknown domain, an internal
 * domain and the primary domain all set req->out.result to
 * WERR_NO_SUCH_DOMAIN, so the caller cannot tell these cases apart.
 *
 * NOTE(review): this listing skips source lines inside the body (closing
 * braces and the returns that follow each req->out.result assignment are
 * not shown) - confirm against the full file.
 */
275 static NTSTATUS
wb_irpc_GetForestTrustInformation(struct irpc_message
*msg
,
276 struct winbind_GetForestTrustInformation
*req
)
278 struct winbindd_domain
*domain
= NULL
;
/* the name is checked for NULL before it is used for the lookup */
280 if (req
->in
.trusted_domain_name
== NULL
) {
281 req
->out
.result
= WERR_NO_SUCH_DOMAIN
;
285 domain
= find_domain_from_name_noinit(req
->in
.trusted_domain_name
);
286 if (domain
== NULL
) {
287 req
->out
.result
= WERR_NO_SUCH_DOMAIN
;
292 * checking for domain->internal and domain->primary
293 * makes sure we only do some work when running as DC.
/* internal domains are refused */
296 if (domain
->internal
) {
297 req
->out
.result
= WERR_NO_SUCH_DOMAIN
;
/* the primary domain is refused as well */
301 if (domain
->primary
) {
302 req
->out
.result
= WERR_NO_SUCH_DOMAIN
;
306 DEBUG(5, ("wb_irpc_GetForestTrustInformation called\n"));
/* msg is passed twice: as the message to answer and as the talloc parent of the call state */
308 return wb_irpc_forward_rpc_call(msg
, msg
,
309 winbind_event_context(),
310 req
, NDR_WINBIND_GETFORESTTRUSTINFORMATION
,
311 "winbind_GetForestTrustInformation",
312 domain
, 45 /* timeout */);
/*
 * IRPC handler for winbind_SendToSam.
 *
 * Forwards the request to the domain returned by find_our_domain(),
 * returning NT_STATUS_NO_SUCH_DOMAIN when that lookup yields NULL.
 * No field of req is inspected here before forwarding.
 */
315 static NTSTATUS
wb_irpc_SendToSam(struct irpc_message
*msg
,
316 struct winbind_SendToSam
*req
)
318 /* TODO make sure that it is RWDC */
/* NOTE(review): the role check named in the TODO is not made in the lines shown; the request goes to whatever find_our_domain() returns */
319 struct winbindd_domain
*domain
= find_our_domain();
320 if (domain
== NULL
) {
321 return NT_STATUS_NO_SUCH_DOMAIN
;
324 DEBUG(5, ("wb_irpc_SendToSam called\n"));
/* msg is passed twice: as the message to answer and as the talloc parent of the call state */
326 return wb_irpc_forward_rpc_call(msg
, msg
,
327 winbind_event_context(),
328 req
, NDR_WINBIND_SENDTOSAM
,
330 domain
, IRPC_CALL_TIMEOUT
);
333 NTSTATUS
wb_irpc_register(void)
337 status
= IRPC_REGISTER(winbind_imessaging_context(), winbind
, WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS
,
338 wb_irpc_DsrUpdateReadOnlyServerDnsRecords
, NULL
);
339 if (!NT_STATUS_IS_OK(status
)) {
342 status
= IRPC_REGISTER(winbind_imessaging_context(), winbind
, WINBIND_SAMLOGON
,
343 wb_irpc_SamLogon
, NULL
);
344 if (!NT_STATUS_IS_OK(status
)) {
347 status
= IRPC_REGISTER(winbind_imessaging_context(), winbind
,
348 WINBIND_LOGONCONTROL
,
349 wb_irpc_LogonControl
, NULL
);
350 if (!NT_STATUS_IS_OK(status
)) {
353 status
= IRPC_REGISTER(winbind_imessaging_context(), winbind
,
354 WINBIND_GETFORESTTRUSTINFORMATION
,
355 wb_irpc_GetForestTrustInformation
, NULL
);
356 if (!NT_STATUS_IS_OK(status
)) {
359 status
= IRPC_REGISTER(winbind_imessaging_context(), winbind
, WINBIND_SENDTOSAM
,
360 wb_irpc_SendToSam
, NULL
);
361 if (!NT_STATUS_IS_OK(status
)) {