[Samba.git] / source3 / winbindd / winbindd_irpc.c
1 /*
2 Unix SMB/CIFS implementation.
3 async implementation of commands submitted over IRPC
4 Copyright (C) Volker Lendecke 2009
5 Copyright (C) Guenther Deschner 2009
6 Copyright (C) Andrew Bartlett 2014
7 Copyright (C) Andrew Tridgell 2009
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "includes.h"
24 #include "winbindd.h"
25 #include "librpc/gen_ndr/ndr_winbind_c.h"
26 #include "source4/lib/messaging/irpc.h"
27 #include "librpc/gen_ndr/ndr_winbind.h"
/*
 * State kept for one IRPC request while it is forwarded through a
 * dcerpc binding handle and the reply is still outstanding.
 */
struct wb_irpc_forward_state {
	/* the IRPC message that is answered when the forwarded call ends */
	struct irpc_message *msg;
	/* NOTE(review): neither assigned nor read in the code shown here */
	struct winbind_DsrUpdateReadOnlyServerDnsRecords *req;

	/* name of the forwarded operation, used in debug output */
	const char *opname;
	/* NOTE(review): neither assigned nor read in the code shown here */
	struct dcesrv_call_state *dce_call;
};
/*
  called when the forwarded rpc request is finished

  The status of the forwarded call is handed back unchanged as the
  IRPC reply, whether the call succeeded or failed.
*/
static void wb_irpc_forward_callback(struct tevent_req *subreq)
{
	struct wb_irpc_forward_state *state = tevent_req_callback_data(
		subreq, struct wb_irpc_forward_state);
	const char *name = state->opname;
	NTSTATUS result;

	result = dcerpc_binding_handle_call_recv(subreq);
	TALLOC_FREE(subreq);

	/* a failure is logged here, and it is still reported to the caller */
	if (!NT_STATUS_IS_OK(result)) {
		DEBUG(0,("RPC callback failed for %s - %s\n",
			 name, nt_errstr(result)));
	}

	irpc_send_reply(state->msg, result);
}
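/**
 * Forward a RPC call using IRPC to another task
 *
 * The call is sent over the binding handle returned by
 * dom_child_handle(domain). On success the IRPC reply is deferred
 * (msg->defer_reply) and sent later from wb_irpc_forward_callback().
 *
 * @param msg      the IRPC message being served
 * @param mem_ctx  talloc parent for the per-call state
 * @param ev       event context the forwarded call runs on
 * @param r        the request structure that is forwarded
 * @param callid   opnum of the call in ndr_table_winbind
 * @param opname   operation name, used in debug output only
 * @param domain   domain whose handle carries the call
 * @param timeout  timeout set on the binding handle before sending
 *
 * @return NT_STATUS_OK once the call has been sent,
 *         NT_STATUS_NO_MEMORY if the state cannot be allocated,
 *         NT_STATUS_UNSUCCESSFUL if there is no handle or the send fails.
 */
static NTSTATUS wb_irpc_forward_rpc_call(struct irpc_message *msg, TALLOC_CTX *mem_ctx,
					 struct tevent_context *ev,
					 void *r, uint32_t callid,
					 const char *opname,
					 struct winbindd_domain *domain,
					 uint32_t timeout)
{
	struct wb_irpc_forward_state *st;
	struct dcerpc_binding_handle *binding_handle;
	struct tevent_req *subreq;

	/* zeroed, so the members that are not set below are NULL, not garbage */
	st = talloc_zero(mem_ctx, struct wb_irpc_forward_state);
	if (st == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	st->msg = msg;
	st->opname = opname;

	binding_handle = dom_child_handle(domain);
	if (binding_handle == NULL) {
		DEBUG(0,("%s: Failed to forward request to winbind handler for %s\n",
			 opname, domain->name));
		/* no callback will ever run for this state: release it now */
		TALLOC_FREE(st);
		return NT_STATUS_UNSUCCESSFUL;
	}

	/*
	 * reset timeout for the handle
	 *
	 * NOTE(review): the timeout is set on the handle, not on this
	 * single call - confirm that is what other users of the same
	 * handle expect.
	 */
	dcerpc_binding_handle_set_timeout(binding_handle, timeout);

	/* forward the call */
	subreq = dcerpc_binding_handle_call_send(st, ev,
						 binding_handle,
						 NULL, &ndr_table_winbind,
						 callid,
						 msg, r);
	if (subreq == NULL) {
		DEBUG(0,("%s: Failed to forward request to winbind handler for %s\n",
			 opname, domain->name));
		/* the request was never created, so the state has no user */
		TALLOC_FREE(st);
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* mark the request as replied async */
	msg->defer_reply = true;

	/* setup the callback */
	tevent_req_set_callback(subreq, wb_irpc_forward_callback, st);
	return NT_STATUS_OK;
}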
/*
 * IRPC handler for winbind_DsrUpdateReadOnlyServerDnsRecords.
 *
 * The request is forwarded for the domain returned by
 * find_our_domain(); without that domain the call is refused with
 * NT_STATUS_NO_SUCH_DOMAIN.
 */
static NTSTATUS wb_irpc_DsrUpdateReadOnlyServerDnsRecords(struct irpc_message *msg,
				struct winbind_DsrUpdateReadOnlyServerDnsRecords *req)
{
	struct winbindd_domain *our_domain = NULL;

	our_domain = find_our_domain();
	if (!our_domain) {
		return NT_STATUS_NO_SUCH_DOMAIN;
	}

	DEBUG(5, ("wb_irpc_DsrUpdateReadOnlyServerDnsRecords called\n"));

	return wb_irpc_forward_rpc_call(
		msg, msg,
		winbind_event_context(),
		req, NDR_WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS,
		"winbind_DsrUpdateReadOnlyServerDnsRecords",
		our_domain, IRPC_CALL_TIMEOUT);
}
/*
 * IRPC handler for winbind_SamLogon.
 *
 * The domain that has to authenticate the account is picked from the
 * identity information in the request, and the request is forwarded for
 * that domain. Both names are supplied by the caller, so every logon
 * level is checked for a missing logon structure before it is used.
 *
 * Returns NT_STATUS_REQUEST_NOT_ACCEPTED for an unknown logon level, a
 * missing logon structure, or (on a DC) a request that names no domain.
 * An unknown domain is answered with NT_STATUS_OK and a
 * non-authoritative NT_STATUS_NO_SUCH_USER in req->out.
 */
static NTSTATUS wb_irpc_SamLogon(struct irpc_message *msg,
				 struct winbind_SamLogon *req)
{
	struct winbindd_domain *auth_domain = NULL;
	struct netr_IdentityInfo *identity = NULL;
	const char *target_domain = NULL;
	const char *account = NULL;

	/* locate the identity information for the given logon level */
	switch (req->in.logon_level) {
	case NetlogonInteractiveInformation:
	case NetlogonServiceInformation:
	case NetlogonInteractiveTransitiveInformation:
	case NetlogonServiceTransitiveInformation:
		if (req->in.logon.password == NULL) {
			return NT_STATUS_REQUEST_NOT_ACCEPTED;
		}
		identity = &req->in.logon.password->identity_info;
		break;

	case NetlogonNetworkInformation:
	case NetlogonNetworkTransitiveInformation:
		if (req->in.logon.network == NULL) {
			return NT_STATUS_REQUEST_NOT_ACCEPTED;
		}
		identity = &req->in.logon.network->identity_info;
		break;

	case NetlogonGenericInformation:
		if (req->in.logon.generic == NULL) {
			return NT_STATUS_REQUEST_NOT_ACCEPTED;
		}
		identity = &req->in.logon.generic->identity_info;
		break;

	default:
		return NT_STATUS_REQUEST_NOT_ACCEPTED;
	}

	/* absent strings are treated as empty, so they can be inspected */
	target_domain = (identity->domain_name.string != NULL)
		? identity->domain_name.string : "";
	account = (identity->account_name.string != NULL)
		? identity->account_name.string : "";

	/* on a DC, "user@domain" names the domain when none was given */
	if (IS_DC && *target_domain == '\0') {
		const char *at = strchr_m(account, '@');

		if (at != NULL) {
			target_domain = at + 1;
		}
	}

	/* still no domain (this includes "user@"): a DC refuses the logon */
	if (IS_DC && *target_domain == '\0') {
		DBG_ERR("target_domain[%s] account[%s]\n",
			target_domain, account);
		return NT_STATUS_REQUEST_NOT_ACCEPTED;
	}

	auth_domain = find_auth_domain(0, target_domain);
	if (auth_domain == NULL) {
		DBG_INFO("target_domain[%s] for account[%s] not known\n",
			 target_domain, account);
		/* not authoritative: this answer does not settle the logon */
		req->out.result = NT_STATUS_NO_SUCH_USER;
		req->out.authoritative = 0;
		return NT_STATUS_OK;
	}

	DEBUG(5, ("wb_irpc_SamLogon called\n"));

	return wb_irpc_forward_rpc_call(
		msg, msg,
		winbind_event_context(),
		req, NDR_WINBIND_SAMLOGON,
		"winbind_SamLogon",
		auth_domain, IRPC_CALL_TIMEOUT);
}
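/*
 * IRPC handler for winbind_LogonControl.
 *
 * Only the function codes that carry a domain name are served; any
 * other code gets NT_STATUS_NOT_IMPLEMENTED. The named domain is looked
 * up and the request is forwarded for it.
 *
 * Returns NT_STATUS_INVALID_PARAMETER when the control data or its
 * domain name is missing. Allocation failure and an unknown domain are
 * reported through req->out.result with NT_STATUS_OK as return value.
 */
static NTSTATUS wb_irpc_LogonControl(struct irpc_message *msg,
				     struct winbind_LogonControl *req)
{
	TALLOC_CTX *frame = talloc_stackframe();
	char *domain_name = NULL;
	struct winbindd_domain *domain = NULL;

	DEBUG(5, ("wb_irpc_LogonControl called\n"));

	switch (req->in.function_code) {
	case NETLOGON_CONTROL_REDISCOVER:
	case NETLOGON_CONTROL_TC_QUERY:
	case NETLOGON_CONTROL_CHANGE_PASSWORD:
	case NETLOGON_CONTROL_TC_VERIFY:
		/*
		 * req->in.data is dereferenced just below, so a missing
		 * control data union is refused here instead of relying
		 * on the unmarshalling layer to always provide it.
		 * NOTE(review): confirm against the IDL whether it can
		 * ever be NULL.
		 */
		if (req->in.data == NULL) {
			TALLOC_FREE(frame);
			return NT_STATUS_INVALID_PARAMETER;
		}
		if (req->in.data->domain == NULL) {
			TALLOC_FREE(frame);
			return NT_STATUS_INVALID_PARAMETER;
		}

		/* private copy: the name may be cut at the '\\' below */
		domain_name = talloc_strdup(frame, req->in.data->domain);
		if (domain_name == NULL) {
			req->out.result = WERR_NOT_ENOUGH_MEMORY;
			TALLOC_FREE(frame);
			return NT_STATUS_OK;
		}

		break;
	default:
		TALLOC_FREE(frame);
		return NT_STATUS_NOT_IMPLEMENTED;
	}

	if (req->in.function_code == NETLOGON_CONTROL_REDISCOVER) {
		char *p = NULL;

		/*
		 * NETLOGON_CONTROL_REDISCOVER
		 * gets an optional \dcname appended to the domain name
		 */
		p = strchr_m(domain_name, '\\');
		if (p != NULL) {
			*p = '\0';
		}
	}

	domain = find_domain_from_name_noinit(domain_name);
	if (domain == NULL) {
		req->out.result = WERR_NO_SUCH_DOMAIN;
		TALLOC_FREE(frame);
		return NT_STATUS_OK;
	}

	/* domain_name is not used past this point */
	TALLOC_FREE(frame);
	return wb_irpc_forward_rpc_call(msg, msg,
					winbind_event_context(),
					req, NDR_WINBIND_LOGONCONTROL,
					"winbind_LogonControl",
					domain, 45 /* timeout */);
}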
/*
 * IRPC handler for winbind_GetForestTrustInformation.
 *
 * The request is forwarded for the named trusted domain. A missing or
 * unknown name, and a name that resolves to an internal or to the
 * primary domain, are all answered with WERR_NO_SUCH_DOMAIN in
 * req->out.result and NT_STATUS_OK as return value.
 */
static NTSTATUS wb_irpc_GetForestTrustInformation(struct irpc_message *msg,
				struct winbind_GetForestTrustInformation *req)
{
	const char *trust_name = req->in.trusted_domain_name;
	struct winbindd_domain *trusted = NULL;

	if (trust_name != NULL) {
		trusted = find_domain_from_name_noinit(trust_name);
	}
	if (trusted == NULL) {
		req->out.result = WERR_NO_SUCH_DOMAIN;
		return NT_STATUS_OK;
	}

	/*
	 * checking for domain->internal and domain->primary
	 * makes sure we only do some work when running as DC.
	 */
	if (trusted->internal || trusted->primary) {
		req->out.result = WERR_NO_SUCH_DOMAIN;
		return NT_STATUS_OK;
	}

	DEBUG(5, ("wb_irpc_GetForestTrustInformation called\n"));

	return wb_irpc_forward_rpc_call(
		msg, msg,
		winbind_event_context(),
		req, NDR_WINBIND_GETFORESTTRUSTINFORMATION,
		"winbind_GetForestTrustInformation",
		trusted, 45 /* timeout */);
}
/*
 * IRPC handler for winbind_SendToSam.
 *
 * The request is forwarded for the domain returned by
 * find_our_domain(); without that domain the call is refused with
 * NT_STATUS_NO_SUCH_DOMAIN.
 */
static NTSTATUS wb_irpc_SendToSam(struct irpc_message *msg,
				  struct winbind_SendToSam *req)
{
	/* TODO make sure that it is RWDC */
	struct winbindd_domain *our_domain = NULL;

	our_domain = find_our_domain();
	if (!our_domain) {
		return NT_STATUS_NO_SUCH_DOMAIN;
	}

	DEBUG(5, ("wb_irpc_SendToSam called\n"));

	return wb_irpc_forward_rpc_call(
		msg, msg,
		winbind_event_context(),
		req, NDR_WINBIND_SENDTOSAM,
		"winbind_SendToSam",
		our_domain, IRPC_CALL_TIMEOUT);
}
/*
 * Register the winbind IRPC handlers of this file on the winbind
 * imessaging context.
 *
 * Registration stops at the first failure and that status is
 * returned; NT_STATUS_OK means all five handlers were registered.
 */
NTSTATUS wb_irpc_register(void)
{
	NTSTATUS status;

	status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
			       WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS,
			       wb_irpc_DsrUpdateReadOnlyServerDnsRecords, NULL);

	/* each later step runs only while everything before it succeeded */
	if (NT_STATUS_IS_OK(status)) {
		status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
				       WINBIND_SAMLOGON,
				       wb_irpc_SamLogon, NULL);
	}
	if (NT_STATUS_IS_OK(status)) {
		status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
				       WINBIND_LOGONCONTROL,
				       wb_irpc_LogonControl, NULL);
	}
	if (NT_STATUS_IS_OK(status)) {
		status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
				       WINBIND_GETFORESTTRUSTINFORMATION,
				       wb_irpc_GetForestTrustInformation, NULL);
	}
	if (NT_STATUS_IS_OK(status)) {
		status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
				       WINBIND_SENDTOSAM,
				       wb_irpc_SendToSam, NULL);
	}

	return status;
}