source/rpc_server/srv_util.c

   1 /*
   2  *  Unix SMB/CIFS implementation.
   3  *  RPC Pipe client / server routines
   4  *  Copyright (C) Andrew Tridgell              1992-1998
   5  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
   6  *  Copyright (C) Paul Ashton                  1997-1998,
   7  *  Copyright (C) Andrew Bartlett                   2004.
   8  *
   9  *  This program is free software; you can redistribute it and/or modify
  10  *  it under the terms of the GNU General Public License as published by
  11  *  the Free Software Foundation; either version 2 of the License, or
  12  *  (at your option) any later version.
  13  *
  14  *  This program is distributed in the hope that it will be useful,
  15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  *  GNU General Public License for more details.
  18  *
  19  *  You should have received a copy of the GNU General Public License
  20  *  along with this program; if not, write to the Free Software
  21  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  22  */
  23
  24 /*  this module apparently provides an implementation of DCE/RPC over a
  25  *  named pipe (IPC$ connection using SMBtrans).  details of DCE/RPC
  26  *  documentation are available (in on-line form) from the X-Open group.
  27  *
  28  *  this module should provide a level of abstraction between SMB
  29  *  and DCE/RPC, while minimising the amount of mallocs, unnecessary
  30  *  data copies, and network traffic.
  31  *
  32  *  in this version, which takes a "let's learn what's going on and
  33  *  get something running" approach, there is additional network
  34  *  traffic generated, but the code should be easier to understand...
  35  *
  36  *  ... if you read the docs.  or stare at packets for weeks on end.
  37  *
  38  */
  39
  40 #include "includes.h"
  41
  42 #undef DBGC_CLASS
  43 #define DBGC_CLASS DBGC_RPC_SRV
  44
  45 /*
  46  * A list of the rids of well known BUILTIN and Domain users
  47  * and groups.
  48  */
  49
  50 static const rid_name builtin_alias_rids[] =
  51 {
  52     { BUILTIN_ALIAS_RID_ADMINS       , "Administrators" },
  53     { BUILTIN_ALIAS_RID_USERS        , "Users" },
  54     { BUILTIN_ALIAS_RID_GUESTS       , "Guests" },
  55     { BUILTIN_ALIAS_RID_POWER_USERS  , "Power Users" },
  56
  57     { BUILTIN_ALIAS_RID_ACCOUNT_OPS  , "Account Operators" },
  58     { BUILTIN_ALIAS_RID_SYSTEM_OPS   , "System Operators" },
  59     { BUILTIN_ALIAS_RID_PRINT_OPS    , "Print Operators" },
  60     { BUILTIN_ALIAS_RID_BACKUP_OPS   , "Backup Operators" },
  61     { BUILTIN_ALIAS_RID_REPLICATOR   , "Replicator" },
  62     { 0                             , NULL }
  63 };
  64
  65 /* array lookup of well-known Domain RID users. */
  66 static const rid_name domain_user_rids[] =
  67 {
  68     { DOMAIN_USER_RID_ADMIN         , "Administrator" },
  69     { DOMAIN_USER_RID_GUEST         , "Guest" },
  70     { 0                             , NULL }
  71 };
  72
  73 /* array lookup of well-known Domain RID groups. */
  74 static const rid_name domain_group_rids[] =
  75 {
  76     { DOMAIN_GROUP_RID_ADMINS       , "Domain Admins" },
  77     { DOMAIN_GROUP_RID_USERS        , "Domain Users" },
  78     { DOMAIN_GROUP_RID_GUESTS       , "Domain Guests" },
  79     { 0                             , NULL }
  80 };
  81
  82
  83 /*******************************************************************
  84  gets a domain user's groups from their already-calculated NT_USER_TOKEN
  85  ********************************************************************/
  86 NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid,
  87                                 const NT_USER_TOKEN *nt_token,
  88                                 int *numgroups, DOM_GID **pgids)
  89 {
  90         DOM_GID *gids;
  91         int i;
  92
  93         gids = TALLOC_ARRAY(mem_ctx, DOM_GID, nt_token->num_sids);
  94
  95         if (!gids) {
  96                 return NT_STATUS_NO_MEMORY;
  97         }
  98
  99         *numgroups=0;
 100
 101         for (i=PRIMARY_GROUP_SID_INDEX; i < nt_token->num_sids; i++) {
 102                 if (sid_compare_domain(domain_sid, &nt_token->user_sids[i])==0) {
 103                         sid_peek_rid(&nt_token->user_sids[i], &(gids[*numgroups].g_rid));
 104                         gids[*numgroups].attr=7;
 105                         (*numgroups)++;
 106                 }
 107         }
 108         *pgids = gids;
 109         return NT_STATUS_OK;
 110 }
 111