search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
preparing for release of 1.9.18alpha7
[Samba.git] / source / ntclientlsa.c
blob5cf945f2ede9cba75ff0427945d97a1f27a15723
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 NT Domain Authentication SMB / MSRPC client
5 Copyright (C) Andrew Tridgell 1994-1997
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 #ifdef SYSLOG
24 #undef SYSLOG
25 #endif
26
27 #include "includes.h"
28
29 extern int DEBUGLEVEL;
30 extern pstring username;
31 extern pstring workgroup;
32
33 #define CLIENT_TIMEOUT (30*1000)
34
35 #ifdef NTDOMAIN
36
37 /****************************************************************************
38 do a LSA Open Policy
39 ****************************************************************************/
40 BOOL do_lsa_open_policy(uint16 fnum, uint32 call_id,
41 char *server_name, LSA_POL_HND *hnd)
42 {
43 char *rparam = NULL;
44 char *rdata = NULL;
45 char *p;
46 int rdrcnt,rprcnt;
47 pstring data; /* only 1024 bytes */
48 uint16 setup[2]; /* only need 2 uint16 setup parameters */
49 LSA_Q_OPEN_POL q_o;
50 BOOL valid_pol = False;
51
52 if (hnd == NULL) return False;
53
54 /* create and send a MSRPC command with api LSA_OPENPOLICY */
55
56 DEBUG(4,("LSA Open Policy\n"));
57
58 /* store the parameters */
59 make_q_open_pol(&q_o, server_name, 0, 0, 0x1);
60
61 /* turn parameters into data stream */
62 p = lsa_io_q_open_pol(False, &q_o, data + 0x18, data, 4, 0);
63
64 /* create the request RPC_HDR_RR with no data */
65 create_rpc_request(call_id, LSA_OPENPOLICY, data, PTR_DIFF(p, data));
66
67 /* create setup parameters. */
68 setup[0] = 0x0026; /* 0x26 indicates "transact named pipe" */
69 setup[1] = fnum; /* file handle, from the SMBcreateX pipe, earlier */
70
71 /* send the data on \PIPE\ */
72 if (cli_call_api("\\PIPE\\", 0, PTR_DIFF(p, data), 2, 1024,
73 BUFFER_SIZE,
74 &rprcnt, &rdrcnt,
75 NULL, data, setup,
76 &rparam, &rdata))
77 {
78 LSA_R_OPEN_POL r_o;
79 RPC_HDR_RR hdr;
80 int hdr_len;
81 int pkt_len;
82
83 DEBUG(5, ("cli_call_api: return OK\n"));
84
85 p = rdata;
86
87 if (p) p = smb_io_rpc_hdr_rr (True, &hdr, p, rdata, 4, 0);
88 if (p) p = align_offset(p, rdata, 4); /* oh, what a surprise */
89
90 hdr_len = PTR_DIFF(p, rdata);
91
92 if (p && hdr_len != hdr.hdr.frag_len - hdr.alloc_hint)
93 {
94 /* header length not same as calculated header length */
95 DEBUG(2,("do_lsa_open_policy: hdr_len %x != frag_len-alloc_hint %x\n",
96 hdr_len, hdr.hdr.frag_len - hdr.alloc_hint));
97 p = NULL;
98 }
99
100 if (p) p = lsa_io_r_open_pol(True, &r_o, p, rdata, 4, 0);
101
102 pkt_len = PTR_DIFF(p, rdata);
103
104 if (p && pkt_len != hdr.hdr.frag_len)
105 {
106 /* packet data size not same as reported fragment length */
107 DEBUG(2,("do_lsa_open_policy: pkt_len %x != frag_len \n",
108 pkt_len, hdr.hdr.frag_len));
109 p = NULL;
110 }
111
112 if (p && r_o.status != 0)
113 {
114 /* report error code */
115 DEBUG(0,("LSA_OPENPOLICY: nt_status error %lx\n", r_o.status));
116 p = NULL;
117 }
118
119 if (p)
120 {
121 /* ok, at last: we're happy. return the policy handle */
122 memcpy(hnd, r_o.pol.data, sizeof(hnd->data));
123 valid_pol = True;
124 }
125 }
126
127 if (rparam) free(rparam);
128 if (rdata) free(rdata);
129
130 return valid_pol;
131 }
132
133 /****************************************************************************
134 do a LSA Query Info Policy
135 ****************************************************************************/
136 BOOL do_lsa_query_info_pol(uint16 fnum, uint32 call_id,
137 LSA_POL_HND *hnd, uint16 info_class,
138 fstring domain_name, pstring domain_sid)
139 {
140 char *rparam = NULL;
141 char *rdata = NULL;
142 char *p;
143 int rdrcnt,rprcnt;
144 pstring data; /* only 1024 bytes */
145 uint16 setup[2]; /* only need 2 uint16 setup parameters */
146 LSA_Q_QUERY_INFO q_q;
147 BOOL valid_response = False;
148
149 if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False;
150
151 /* create and send a MSRPC command with api LSA_QUERYINFOPOLICY */
152
153 DEBUG(4,("LSA Query Info Policy\n"));
154
155 /* store the parameters */
156 make_q_query(&q_q, hnd, info_class);
157
158 /* turn parameters into data stream */
159 p = lsa_io_q_query(False, &q_q, data + 0x18, data, 4, 0);
160
161 /* create the request RPC_HDR_RR with no data */
162 create_rpc_request(call_id, LSA_QUERYINFOPOLICY, data, PTR_DIFF(p, data));
163
164 /* create setup parameters. */
165 setup[0] = 0x0026; /* 0x26 indicates "transact named pipe" */
166 setup[1] = fnum; /* file handle, from the SMBcreateX pipe, earlier */
167
168 /* send the data on \PIPE\ */
169 if (cli_call_api("\\PIPE\\", 0, PTR_DIFF(p, data), 2, 1024,
170 BUFFER_SIZE,
171 &rprcnt, &rdrcnt,
172 NULL, data, setup,
173 &rparam, &rdata))
174 {
175 LSA_R_QUERY_INFO r_q;
176 RPC_HDR_RR hdr;
177 int hdr_len;
178 int pkt_len;
179
180 DEBUG(5, ("cli_call_api: return OK\n"));
181
182 p = rdata;
183
184 if (p) p = smb_io_rpc_hdr_rr (True, &hdr, p, rdata, 4, 0);
185 if (p) p = align_offset(p, rdata, 4); /* oh, what a surprise */
186
187 hdr_len = PTR_DIFF(p, rdata);
188
189 if (p && hdr_len != hdr.hdr.frag_len - hdr.alloc_hint)
190 {
191 /* header length not same as calculated header length */
192 DEBUG(2,("do_lsa_query_info: hdr_len %x != frag_len-alloc_hint %x\n",
193 hdr_len, hdr.hdr.frag_len - hdr.alloc_hint));
194 p = NULL;
195 }
196
197 if (p) p = lsa_io_r_query(True, &r_q, p, rdata, 4, 0);
198
199 pkt_len = PTR_DIFF(p, rdata);
200
201 if (p && pkt_len != hdr.hdr.frag_len)
202 {
203 /* packet data size not same as reported fragment length */
204 DEBUG(2,("do_lsa_query_info: pkt_len %x != frag_len \n",
205 pkt_len, hdr.hdr.frag_len));
206 p = NULL;
207 }
208
209 if (p && r_q.status != 0)
210 {
211 /* report error code */
212 DEBUG(0,("LSA_QUERYINFOPOLICY: nt_status error %lx\n", r_q.status));
213 p = NULL;
214 }
215
216 if (p && r_q.info_class != q_q.info_class)
217 {
218 /* report different info classes */
219 DEBUG(0,("LSA_QUERYINFOPOLICY: error info_class (q,r) differ - (%x,%x)\n",
220 q_q.info_class, r_q.info_class));
221 p = NULL;
222 }
223
224 if (p)
225 {
226 /* ok, at last: we're happy. */
227 switch (r_q.info_class)
228 {
229 case 3:
230 {
231 char *dom_name = unistrn2(r_q.dom.id3.uni_domain_name.buffer,
232 r_q.dom.id3.uni_domain_name.uni_str_len);
233 char *dom_sid = dom_sid_to_string(&(r_q.dom.id3.dom_sid));
234 fstrcpy(domain_name, dom_name);
235 pstrcpy(domain_sid , dom_sid);
236
237 valid_response = True;
238 break;
239 }
240 case 5:
241 {
242 char *dom_name = unistrn2(r_q.dom.id5.uni_domain_name.buffer,
243 r_q.dom.id5.uni_domain_name.uni_str_len);
244 char *dom_sid = dom_sid_to_string(&(r_q.dom.id5.dom_sid));
245 fstrcpy(domain_name, dom_name);
246 pstrcpy(domain_sid , dom_sid);
247
248 valid_response = True;
249 break;
250 }
251 default:
252 {
253 DEBUG(3,("LSA_QUERYINFOPOLICY: unknown info class\n"));
254 domain_name[0] = 0;
255 domain_sid [0] = 0;
256
257 break;
258 }
259 }
260 DEBUG(3,("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n",
261 r_q.info_class, domain_name, domain_sid));
262 }
263 }
264
265 if (rparam) free(rparam);
266 if (rdata) free(rdata);
267
268 return valid_response;
269 }
270
271 /****************************************************************************
272 do a LSA Close
273 ****************************************************************************/
274 BOOL do_lsa_close(uint16 fnum, uint32 call_id,
275 LSA_POL_HND *hnd)
276 {
277 char *rparam = NULL;
278 char *rdata = NULL;
279 char *p;
280 int rdrcnt,rprcnt;
281 pstring data; /* only 1024 bytes */
282 uint16 setup[2]; /* only need 2 uint16 setup parameters */
283 LSA_Q_CLOSE q_c;
284 BOOL valid_close = False;
285
286 if (hnd == NULL) return False;
287
288 /* create and send a MSRPC command with api LSA_OPENPOLICY */
289
290 DEBUG(4,("LSA Close\n"));
291
292 /* store the parameters */
293 make_q_close(&q_c, hnd);
294
295 /* turn parameters into data stream */
296 p = lsa_io_q_close(False, &q_c, data + 0x18, data, 4, 0);
297
298 /* create the request RPC_HDR_RR with no data */
299 create_rpc_request(call_id, LSA_CLOSE, data, PTR_DIFF(p, data));
300
301 /* create setup parameters. */
302 setup[0] = 0x0026; /* 0x26 indicates "transact named pipe" */
303 setup[1] = fnum; /* file handle, from the SMBcreateX pipe, earlier */
304
305 /* send the data on \PIPE\ */
306 if (cli_call_api("\\PIPE\\", 0, PTR_DIFF(p, data), 2, 1024,
307 BUFFER_SIZE,
308 &rprcnt, &rdrcnt,
309 NULL, data, setup,
310 &rparam, &rdata))
311 {
312 LSA_R_CLOSE r_c;
313 RPC_HDR_RR hdr;
314 int hdr_len;
315 int pkt_len;
316
317 DEBUG(5, ("cli_call_api: return OK\n"));
318
319 p = rdata;
320
321 if (p) p = smb_io_rpc_hdr_rr (True, &hdr, p, rdata, 4, 0);
322 if (p) p = align_offset(p, rdata, 4); /* oh, what a surprise */
323
324 hdr_len = PTR_DIFF(p, rdata);
325
326 if (p && hdr_len != hdr.hdr.frag_len - hdr.alloc_hint)
327 {
328 /* header length not same as calculated header length */
329 DEBUG(2,("do_lsa_close: hdr_len %x != frag_len-alloc_hint %x\n",
330 hdr_len, hdr.hdr.frag_len - hdr.alloc_hint));
331 p = NULL;
332 }
333
334 if (p) p = lsa_io_r_close(True, &r_c, p, rdata, 4, 0);
335
336 pkt_len = PTR_DIFF(p, rdata);
337
338 if (p && pkt_len != hdr.hdr.frag_len)
339 {
340 /* packet data size not same as reported fragment length */
341 DEBUG(2,("do_lsa_close: pkt_len %x != frag_len \n",
342 pkt_len, hdr.hdr.frag_len));
343 p = NULL;
344 }
345
346 if (p && r_c.status != 0)
347 {
348 /* report error code */
349 DEBUG(0,("LSA_OPENPOLICY: nt_status error %lx\n", r_c.status));
350 p = NULL;
351 }
352
353 if (p)
354 {
355 /* check that the returned policy handle is all zeros */
356 int i;
357 valid_close = True;
358
359 for (i = 0; i < sizeof(r_c.pol.data); i++)
360 {
361 if (r_c.pol.data[i] != 0)
362 {
363 valid_close = False;
364 break;
365 }
366 }
367 if (!valid_close)
368 {
369 DEBUG(0,("LSA_CLOSE: non-zero handle returned\n"));
370 }
371 }
372 }
373
374 if (rparam) free(rparam);
375 if (rdata) free(rdata);
376
377 return valid_close;
378 }
379
380 #endif /* NTDOMAIN */
Samba GIT mirror