3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1997,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8 * Copyright (C) Paul Ashton 1997.
9 * Copyright (C) Jeremy Allison 1998.
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
30 extern int DEBUGLEVEL
;
31 extern DOM_SID global_sam_sid
;
33 /***************************************************************************
34 lsa_reply_open_policy2
35 ***************************************************************************/
/*
 * Builds the reply to an LSA open-policy2 request and marshals it into
 * rdata with lsa_io_r_open_pol2().
 *
 * NOTE(review): this listing drops source lines (its own numbering jumps
 * 36 -> 43 and 45 -> 51), so the declarations of r_o and i and the body of
 * the loop are not visible here.
 * NOTE(review): the loop covers indices 4..POL_HND_SIZE-1 of something that
 * is presumably the policy handle; confirm against the full source how those
 * bytes are filled. A handle built from constants would be the same for
 * every caller.
 */
36 static void lsa_reply_open_policy2(prs_struct
*rdata
)
43 /* set up the LSA OPEN POLICY2 response */
45 for (i
= 4; i
< POL_HND_SIZE
; i
++)
51 /* store the response in the SMB stream */
52 lsa_io_r_open_pol2("", &r_o
, rdata
, 0);
55 /***************************************************************************
57 ***************************************************************************/
/*
 * Builds the reply to an LSA open-policy request and marshals it into rdata
 * with lsa_io_r_open_pol().
 *
 * NOTE(review): this listing drops source lines (numbering jumps 58 -> 65
 * and 67 -> 73), so the declarations of r_o and i and the loop body are not
 * visible; confirm against the full source how the bytes at indices
 * 4..POL_HND_SIZE-1 are filled.
 */
58 static void lsa_reply_open_policy(prs_struct
*rdata
)
65 /* set up the LSA OPEN POLICY response */
67 for (i
= 4; i
< POL_HND_SIZE
; i
++)
73 /* store the response in the SMB stream */
74 lsa_io_r_open_pol("", &r_o
, rdata
, 0);
77 /***************************************************************************
79 ***************************************************************************/
/*
 * Fill a DOM_QUERY with the domain name and SID for a query-info reply.
 *
 * d_q      - structure to populate
 * dom_name - NUL-terminated domain name; must not be NULL, because strlen()
 *            is applied to it unconditionally
 * dom_sid  - domain SID, handed on to make_dom_sid2()
 *
 * Both length fields are set to twice the byte length of dom_name, and the
 * two buffer "pointer" fields get the fixed values 4 and 2.
 */
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{
	int name_len = strlen(dom_name);
	int uni_len = name_len * 2;

	d_q->buffer_dom_name = 4; /* domain buffer pointer */
	d_q->buffer_dom_sid = 2; /* domain sid pointer */

	d_q->uni_dom_max_len = uni_len;
	d_q->uni_dom_str_len = uni_len;

	/* this string is supposed to be character short */
	make_unistr2(&d_q->uni_domain_name, dom_name, name_len);
	make_dom_sid2(&d_q->dom_sid, dom_sid);
}
96 /***************************************************************************
98 ***************************************************************************/
/*
 * Builds the reply to an LSA enumerate-trusted-domains request with
 * make_r_enum_trust_dom() and marshals it into rdata with
 * lsa_io_r_enum_trust_dom().
 *
 * NOTE(review): source line 100 is missing from this listing; rdata is used
 * below but its parameter declaration is not visible here.
 */
99 static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM
*q_e
,
101 uint32 enum_context
, char *dom_name
, DOM_SID
*dom_sid
)
103 LSA_R_ENUM_TRUST_DOM r_e
;
107 /* set up the LSA ENUM TRUST DOM response */
108 make_r_enum_trust_dom(&r_e
, enum_context
, dom_name
, dom_sid
,
/*
 * Status argument: '|' binds tighter than '?:', so this is 0x0 when a
 * domain name is supplied and (0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM)
 * when dom_name is NULL.
 */
109 dom_name
!= NULL
? 0x0 : 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM
);
111 /* store the response in the SMB stream */
112 lsa_io_r_enum_trust_dom("", &r_e
, rdata
, 0);
115 /***************************************************************************
117 ***************************************************************************/
/*
 * Builds the reply to an LSA query-info request and marshals it into rdata
 * with lsa_io_r_query().
 *
 * q_q      - decoded request; only its info_class is read in the lines shown
 * rdata    - reply stream
 * dom_name - domain name placed in the reply (must be non-NULL for
 *            make_dom_query())
 * dom_sid  - domain SID placed in the reply
 *
 * NOTE(review): source lines 122-124 and 131-133 are missing from this
 * listing, so any initialisation of r_q and the status assignment are not
 * visible here.
 */
118 static void lsa_reply_query_info(LSA_Q_QUERY_INFO
*q_q
, prs_struct
*rdata
,
119 char *dom_name
, DOM_SID
*dom_sid
)
121 LSA_R_QUERY_INFO r_q
;
125 /* set up the LSA QUERY INFO response */
127 r_q
.undoc_buffer
= 0x22000000; /* bizarre */
/* the info class requested by the client is echoed back unchanged */
128 r_q
.info_class
= q_q
->info_class
;
/*
 * NOTE(review): the id5 member is filled whatever info_class the client
 * asked for, as far as the visible lines show - confirm this is intended.
 */
130 make_dom_query(&r_q
.dom
.id5
, dom_name
, dom_sid
);
134 /* store the response in the SMB stream */
135 lsa_io_r_query("", &r_q
, rdata
, 0);
139 /***************************************************************************
141 ***************************************************************************/
/*
 * Fills a DOM_R_REF with up to MAX_REF_DOMAINS referenced domains.
 *
 * ref         - structure to populate
 * num_domains - number of entries in dom_names / dom_sids; values above
 *               MAX_REF_DOMAINS are clamped
 * dom_names   - domain names; a NULL entry is treated as an empty name
 * dom_sids    - domain SIDs; a NULL entry clears ptr_dom_sid for that slot
 *
 * NOTE(review): source lines 144-147 are missing from this listing, so the
 * declaration of i is not visible here.
 */
142 static void make_dom_ref(DOM_R_REF
*ref
, int num_domains
,
143 char **dom_names
, DOM_SID
**dom_sids
)
/*
 * Upper bound only: keeps the writes to hdr_ref_dom[] / ref_dom[] below
 * within MAX_REF_DOMAINS slots. A negative num_domains is not rejected; the
 * loop would not run, but the count fields would carry the negative value.
 */
148 if (num_domains
> MAX_REF_DOMAINS
)
150 num_domains
= MAX_REF_DOMAINS
;
153 ref
->undoc_buffer
= 1;
154 ref
->num_ref_doms_1
= num_domains
;
155 ref
->undoc_buffer2
= 1;
156 ref
->max_entries
= MAX_REF_DOMAINS
;
157 ref
->num_ref_doms_2
= num_domains
;
159 for (i
= 0; i
< num_domains
; i
++)
/* NULL names are given length 0 rather than being passed to strlen() */
161 int len
= dom_names
[i
] != NULL
? strlen(dom_names
[i
]) : 0;
163 make_uni_hdr(&(ref
->hdr_ref_dom
[i
].hdr_dom_name
), len
, len
, len
!= 0 ? 1 : 0);
164 ref
->hdr_ref_dom
[i
].ptr_dom_sid
= dom_sids
[i
] != NULL
? 1 : 0;
166 make_unistr2 (&(ref
->ref_dom
[i
].uni_dom_name
), dom_names
[i
], len
);
/*
 * NOTE(review): dom_sids[i] is passed on even when it is NULL; confirm
 * make_dom_sid2() accepts a NULL SID.
 */
167 make_dom_sid2(&(ref
->ref_dom
[i
].ref_dom
), dom_sids
[i
]);
172 /***************************************************************************
173 make_reply_lookup_rids
174 ***************************************************************************/
/*
 * Fills an LSA_R_LOOKUP_RIDS reply: the referenced-domain list via
 * make_dom_ref(), then one DOM_RID2 per entry of dom_rids.
 *
 * NOTE(review): source lines 177 and 179-181 are missing from this listing;
 * num_ref_doms and i are used below but their declarations are not visible.
 */
175 static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS
*r_l
,
176 int num_entries
, uint32 dom_rids
[MAX_LOOKUP_SIDS
],
178 char **dom_names
, DOM_SID
**dom_sids
)
182 make_dom_ref(&(r_l
->dom_ref
), num_ref_doms
, dom_names
, dom_sids
);
184 r_l
->num_entries
= num_entries
;
185 r_l
->undoc_buffer
= 1;
186 r_l
->num_entries2
= num_entries
;
/*
 * Bounds check before the loop writes r_l->dom_rid[i]. The same count also
 * indexes dom_rids[], which the signature declares with MAX_LOOKUP_SIDS
 * elements.
 * NOTE(review): confirm r_l->dom_rid has no more than MAX_LOOKUP_SIDS
 * elements, and what SMB_ASSERT_ARRAY does on failure.
 */
188 SMB_ASSERT_ARRAY(r_l
->dom_rid
, num_entries
);
190 for (i
= 0; i
< num_entries
; i
++)
192 make_dom_rid2(&(r_l
->dom_rid
[i
]), dom_rids
[i
], 0x01);
195 r_l
->num_entries3
= num_entries
;
198 /***************************************************************************
200 ***************************************************************************/
/*
 * Translates the SIDs in sid[0..num_entries-1] to names. For each SID the
 * last sub-authority is taken as the RID and looked up with
 * lookup_user_name(), lookup_group_name() and lookup_alias_name() in that
 * order; each later lookup runs only while status is still non-zero.
 * Results are stored in trn->name[] / trn->uni_name[] at index *total.
 *
 * NOTE(review): this listing drops source lines (203-208, 215-217, 221-222,
 * 230-233, 237-240); the total parameter, the declarations of i, name, type
 * and status, and the conditions around the lookup and the store are not
 * visible here.
 */
201 static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM
*trn
,
202 int num_entries
, DOM_SID2 sid
[MAX_LOOKUP_SIDS
],
/* upper bound on the count before sid[] is indexed */
209 SMB_ASSERT(num_entries
<= MAX_LOOKUP_SIDS
);
211 for (i
= 0; i
< num_entries
; i
++)
213 uint32 rid
= 0xffffffff;
214 uint8 num_auths
= sid
[i
].sid
.num_auths
;
/* num_auths comes from the SID itself, so check it against sub_auths[] */
218 SMB_ASSERT_ARRAY(sid
[i
].sid
.sub_auths
, num_auths
);
220 /* find the rid to look up */
/*
 * NOTE(review): num_auths-1 is a valid index only when num_auths != 0.
 * Source lines 221-222 are not shown in this listing; confirm that a zero
 * num_auths is excluded before this read.
 */
223 rid
= sid
[i
].sid
.sub_auths
[num_auths
-1];
225 status
= 0xC0000000 | NT_STATUS_NONE_MAPPED
;
227 status
= (status
!= 0x0) ? lookup_user_name (rid
, name
, &type
) : status
;
228 status
= (status
!= 0x0) ? lookup_group_name(rid
, name
, &type
) : status
;
229 status
= (status
!= 0x0) ? lookup_alias_name(rid
, name
, &type
) : status
;
/*
 * NOTE(review): *total indexes trn->name[] and trn->uni_name[]; confirm it
 * starts at 0 and grows by at most one per iteration so that it stays within
 * those arrays.
 */
234 make_lsa_trans_name(&(trn
->name
[(*total
)]),
235 &(trn
->uni_name
[(*total
)]),
236 type
, name
, (*total
));
241 trn
->num_entries
= (*total
);
242 trn
->ptr_trans_names
= 1;
243 trn
->num_entries2
= (*total
);
246 /***************************************************************************
247 make_reply_lookup_sids
248 ***************************************************************************/
/*
 * Fills an LSA_R_LOOKUP_SIDS reply from an already built domain reference
 * list and translated-name list, plus the mapped count and status.
 *
 * NOTE(review): source lines 252-254 are missing from this listing, so how
 * ref and names are attached to r_l is not visible here.
 */
249 static void make_reply_lookup_sids(LSA_R_LOOKUP_SIDS
*r_l
,
250 DOM_R_REF
*ref
, LSA_TRANS_NAME_ENUM
*names
,
251 uint32 mapped_count
, uint32 status
)
255 r_l
->mapped_count
= mapped_count
;
256 r_l
->status
= status
;
259 /***************************************************************************
260 lsa_reply_lookup_sids
261 ***************************************************************************/
/*
 * Builds the reply to an LSA lookup-SIDs request: referenced domains via
 * make_dom_ref(), translated names via make_lsa_trans_names(), then the
 * reply header, and marshals the result into rdata.
 *
 * NOTE(review): source lines 264, 268 and 271-275 are missing from this
 * listing; num_ref_doms and ref are used below but their declarations are
 * not visible here.
 */
262 static void lsa_reply_lookup_sids(prs_struct
*rdata
,
263 int num_entries
, DOM_SID2 sid
[MAX_LOOKUP_SIDS
],
265 char **dom_names
, DOM_SID
**dom_sids
)
267 LSA_R_LOOKUP_SIDS r_l
;
269 LSA_TRANS_NAME_ENUM names
;
270 uint32 mapped_count
= 0;
276 /* set up the LSA Lookup SIDs response */
277 make_dom_ref(&ref
, num_ref_doms
, dom_names
, dom_sids
);
278 make_lsa_trans_names(&names
, num_entries
, sid
, &mapped_count
);
/*
 * The status passed here is the constant 0x0, independent of how many SIDs
 * were actually mapped.
 */
279 make_reply_lookup_sids(&r_l
, &ref
, &names
, mapped_count
, 0x0);
281 /* store the response in the SMB stream */
282 lsa_io_r_lookup_sids("", &r_l
, rdata
, 0);
285 /***************************************************************************
286 lsa_reply_lookup_rids
287 ***************************************************************************/
/*
 * Builds the reply to an LSA lookup request that returns RIDs and marshals
 * it into rdata with lsa_io_r_lookup_rids().
 *
 * NOTE(review): source lines 290 and 294-296 are missing from this listing;
 * num_ref_doms is used below but its declaration is not visible here.
 */
288 static void lsa_reply_lookup_rids(prs_struct
*rdata
,
289 int num_entries
, uint32 dom_rids
[MAX_LOOKUP_SIDS
],
291 char **dom_names
, DOM_SID
**dom_sids
)
293 LSA_R_LOOKUP_RIDS r_l
;
297 /* set up the LSA Lookup RIDs response */
298 make_reply_lookup_rids(&r_l
, num_entries
, dom_rids
,
299 num_ref_doms
, dom_names
, dom_sids
);
302 /* store the response in the SMB stream */
303 lsa_io_r_lookup_rids("", &r_l
, rdata
, 0);
306 /***************************************************************************
308 ***************************************************************************/
/*
 * Handler for the open-policy2 request: decodes the request from data and
 * replies through lsa_reply_open_policy2().
 *
 * NOTE(review): source lines 310-315 are missing from this listing (rest of
 * the parameter list, declaration of q_o).
 * NOTE(review): per the original comment below, the decoded server name,
 * object attributes and desired access are all ignored, and vuid is not
 * consulted in the lines shown - the handle is returned whatever access was
 * requested. Confirm whether access is enforced elsewhere.
 */
309 static void api_lsa_open_policy2( uint16 vuid
, prs_struct
*data
,
316 /* grab the server, object attributes and desired access flag...*/
317 lsa_io_q_open_pol2("", &q_o
, data
, 0);
319 /* lkclXXXX having decoded it, ignore all fields in the open policy! */
321 /* return a 20 byte policy handle */
322 lsa_reply_open_policy2(rdata
);
325 /***************************************************************************
327 ***************************************************************************/
/*
 * Handler for the open-policy request: decodes the request from data and
 * replies through lsa_reply_open_policy().
 *
 * NOTE(review): source lines 329-334 are missing from this listing (rest of
 * the parameter list, declaration of q_o).
 * NOTE(review): per the original comment below, every decoded field,
 * including the desired access, is ignored, and vuid is not consulted in the
 * lines shown. Confirm whether access is enforced elsewhere.
 */
328 static void api_lsa_open_policy( uint16 vuid
, prs_struct
*data
,
335 /* grab the server, object attributes and desired access flag...*/
336 lsa_io_q_open_pol("", &q_o
, data
, 0);
338 /* lkclXXXX having decoded it, ignore all fields in the open policy! */
340 /* return a 20 byte policy handle */
341 lsa_reply_open_policy(rdata
);
344 /***************************************************************************
345 api_lsa_enum_trust_dom
346 ***************************************************************************/
/*
 * Handler for the enumerate-trusted-domains request: decodes the request
 * and replies with enum context 0 and no domain name or SID.
 *
 * NOTE(review): source lines 348-349 and 351-353 are missing from this
 * listing (rest of the parameter list, any initialisation of q_e).
 */
347 static void api_lsa_enum_trust_dom( uint16 vuid
, prs_struct
*data
,
350 LSA_Q_ENUM_TRUST_DOM q_e
;
354 /* grab the enum trust domain context etc. */
355 lsa_io_q_enum_trust_dom("", &q_e
, data
, 0);
/*
 * dom_name is passed as NULL, so lsa_reply_enum_trust_dom() selects its
 * non-zero status branch (0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM) rather
 * than 0x0; the original comment below does not match that.
 */
357 /* construct reply. return status is always 0x0 */
358 lsa_reply_enum_trust_dom(&q_e
, rdata
, 0, NULL
, NULL
);
361 /***************************************************************************
363 ***************************************************************************/
/*
 * Handler for the query-info-policy request: decodes the request and
 * replies with the configured workgroup name and global_sam_sid.
 *
 * NOTE(review): source lines 365-366 and 368-371 are missing from this
 * listing (rest of the parameter list, declaration of dom_name).
 * NOTE(review): vuid is not consulted in the lines shown, so the domain
 * name and SID are returned to whoever reaches this handler; confirm
 * whether that is intended.
 */
364 static void api_lsa_query_info( uint16 vuid
, prs_struct
*data
,
367 LSA_Q_QUERY_INFO q_i
;
372 /* grab the info class and policy handle */
373 lsa_io_q_query("", &q_i
, data
, 0);
/* domain name reported to the client is the value of lp_workgroup() */
375 pstrcpy(dom_name
, lp_workgroup());
377 /* construct reply. return status is always 0x0 */
378 lsa_reply_query_info(&q_i
, rdata
, dom_name
, &global_sam_sid
);
381 /***************************************************************************
383 ***************************************************************************/
/*
 * Handler for the lookup-SIDs request: decodes the request, sets up four
 * fixed reference domains (the local domain plus S-1-1, S-1-3 and S-1-5)
 * and replies through lsa_reply_lookup_sids().
 *
 * NOTE(review): this listing drops source lines (385-386, 388-392,
 * 394-396); the rest of the parameter list and the declarations of
 * dom_name, dom_names and the three sid_S_* variables are not visible here.
 */
384 static void api_lsa_lookup_sids( uint16 vuid
, prs_struct
*data
,
387 LSA_Q_LOOKUP_SIDS q_l
;
/* four slots, matching the literal 4 passed as the domain count below */
393 DOM_SID
*sid_array
[4];
397 ZERO_STRUCT(sid_S_1_1
);
398 ZERO_STRUCT(sid_S_1_3
);
399 ZERO_STRUCT(sid_S_1_5
);
401 /* grab the info class and policy handle */
402 lsa_io_q_lookup_sids("", &q_l
, data
, 0);
404 pstrcpy(dom_name
, lp_workgroup());
406 string_to_sid(&sid_S_1_1
, "S-1-1");
407 string_to_sid(&sid_S_1_3
, "S-1-3");
408 string_to_sid(&sid_S_1_5
, "S-1-5");
410 dom_names
[0] = dom_name
;
411 sid_array
[0] = &global_sam_sid
;
413 dom_names
[1] = "Everyone";
414 sid_array
[1] = &sid_S_1_1
;
416 dom_names
[2] = "don't know";
417 sid_array
[2] = &sid_S_1_3
;
419 dom_names
[3] = "NT AUTHORITY";
420 sid_array
[3] = &sid_S_1_5
;
422 /* construct reply. return status is always 0x0 */
/*
 * q_l.sids.num_entries and q_l.sids.sid come from the decoded request and
 * are passed on unchanged; the only bound on the count in this file is the
 * SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS) in make_lsa_trans_names().
 * NOTE(review): confirm lsa_io_q_lookup_sids() also limits the count while
 * decoding, and what SMB_ASSERT does to the serving process on failure.
 */
423 lsa_reply_lookup_sids(rdata
,
424 q_l
.sids
.num_entries
, q_l
.sids
.sid
, /* SIDs */
425 4, dom_names
, sid_array
);
428 /***************************************************************************
430 ***************************************************************************/
/*
 * Handler for the lookup-names request: decodes the request, maps each
 * supplied name to a Unix user name and then to a RID with
 * pdb_name_to_rid(), and replies through lsa_reply_lookup_rids() with four
 * fixed reference domains.
 *
 * NOTE(review): this listing drops source lines (432-434, 436, 438-443,
 * 445-447, 478-479, 493, 495-498); the rest of the parameter list, several
 * declarations (i, dom_name, dom_names, user_name, dummy_g_rid, the sid_S_*
 * variables) and the body of the failure branch are not visible here.
 */
431 static void api_lsa_lookup_names( uint16 vuid
, prs_struct
*data
,
435 LSA_Q_LOOKUP_RIDS q_l
;
437 uint32 dom_rids
[MAX_LOOKUP_SIDS
];
444 DOM_SID
*sid_array
[4];
448 ZERO_STRUCT(sid_S_1_1
);
449 ZERO_STRUCT(sid_S_1_3
);
450 ZERO_STRUCT(sid_S_1_5
);
/* every RID starts as 0, so entries the loop never fills stay 0 */
451 ZERO_ARRAY(dom_rids
);
453 /* grab the info class and policy handle */
454 lsa_io_q_lookup_rids("", &q_l
, data
, 0);
456 pstrcpy(dom_name
, lp_workgroup());
458 string_to_sid(&sid_S_1_1
, "S-1-1");
459 string_to_sid(&sid_S_1_3
, "S-1-3");
460 string_to_sid(&sid_S_1_5
, "S-1-5");
462 dom_names
[0] = dom_name
;
463 sid_array
[0] = &global_sam_sid
;
465 dom_names
[1] = "Everyone";
466 sid_array
[1] = &sid_S_1_1
;
468 dom_names
[2] = "don't know";
469 sid_array
[2] = &sid_S_1_3
;
471 dom_names
[3] = "NT AUTHORITY";
472 sid_array
[3] = &sid_S_1_5
;
/*
 * The count comes from the decoded request. It is checked here against
 * q_l.lookup_name[], but the loop below also writes dom_rids[i], which has
 * MAX_LOOKUP_SIDS elements.
 * NOTE(review): confirm lookup_name[] has no more than MAX_LOOKUP_SIDS
 * elements, and what SMB_ASSERT_ARRAY does to the serving process on failure.
 */
474 SMB_ASSERT_ARRAY(q_l
.lookup_name
, q_l
.num_entries
);
476 /* convert received names to RIDs, so we can return them. */
477 for (i
= 0; i
< q_l
.num_entries
; i
++)
/*
 * Client-supplied name copied into user_name.
 * NOTE(review): presumably fstrcpy() bounds the copy to the size of
 * user_name - confirm.
 */
480 fstrcpy(user_name
, unistr2(q_l
.lookup_name
[i
].str
.buffer
));
483 * Map to the UNIX username.
485 map_username(user_name
);
488 * Do any case conversions.
490 (void)Get_Pwnam(user_name
, True
);
/*
 * NOTE(review): a failed lookup is not turned into an error status in the
 * lines shown; the reply below is still built with every dom_rids[] entry,
 * so an unknown name appears to be answered with whatever RID is left in
 * its slot. Confirm against the missing branch body.
 */
492 if (!pdb_name_to_rid(user_name
, &dom_rids
[i
], &dummy_g_rid
))
494 /* WHOOPS! we should really do something about this... */
499 /* construct reply. return status is always 0x0 */
500 lsa_reply_lookup_rids(rdata
,
501 q_l
.num_entries
, dom_rids
, /* RIDs looked up from the names */
502 4, dom_names
, sid_array
);
505 /***************************************************************************
507 ***************************************************************************/
/*
 * Handler for the close request.
 *
 * NOTE(review): source lines 509-510 and 513-529 are missing from this
 * listing, so everything this handler does with q is not visible here.
 */
508 static void api_lsa_close( uint16 vuid
, prs_struct
*data
,
511 /* XXXX this is NOT good */
/*
 * q is a raw pointer into the reply buffer at the current offset, obtained
 * with mem_data() instead of going through an lsa_io_* marshalling routine
 * as the other handlers in this file do.
 * NOTE(review): confirm that the buffer has room for whatever is written
 * through q and that rdata->offset is advanced to match.
 */
512 char *q
= mem_data(&(rdata
->data
), rdata
->offset
);
530 /***************************************************************************
532 ***************************************************************************/
/*
 * Handler for the open-secret request. In the lines shown it writes the
 * status 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND into the reply.
 *
 * NOTE(review): source lines 534-535, 538-548 and 550-554 are missing from
 * this listing, so any other writes through q, and whether q is moved
 * between its assignment and the SIVAL, are not visible here.
 */
533 static void api_lsa_open_secret( uint16 vuid
, prs_struct
*data
,
536 /* XXXX this is NOT good */
/*
 * q is a raw pointer into the reply buffer at the current offset, obtained
 * with mem_data() instead of going through an lsa_io_* marshalling routine.
 * NOTE(review): confirm that the buffer has room for everything written
 * through q and that rdata->offset is advanced to match.
 */
537 char *q
= mem_data(&(rdata
->data
), rdata
->offset
);
/* status value stored at offset 0 from q */
549 SIVAL(q
, 0, 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND
);
555 /***************************************************************************
557 ***************************************************************************/
/*
 * Dispatch table for the LSA pipe: each entry pairs a command name and
 * opcode constant with its handler. api_ntlsa_rpc() passes this table to
 * api_rpcTNP().
 *
 * NOTE(review): source lines 559 and 568-570 are missing from this listing,
 * so the opening brace and whatever terminates the table are not visible.
 * NOTE(review): every handler receives vuid, but none of the handler lines
 * shown in this listing consult it; confirm where access to these calls is
 * decided.
 */
558 static struct api_struct api_lsa_cmds
[] =
560 { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2
, api_lsa_open_policy2
},
561 { "LSA_OPENPOLICY" , LSA_OPENPOLICY
, api_lsa_open_policy
},
562 { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY
, api_lsa_query_info
},
563 { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM
, api_lsa_enum_trust_dom
},
564 { "LSA_CLOSE" , LSA_CLOSE
, api_lsa_close
},
565 { "LSA_OPENSECRET" , LSA_OPENSECRET
, api_lsa_open_secret
},
566 { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS
, api_lsa_lookup_sids
},
567 { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES
, api_lsa_lookup_names
},
571 /***************************************************************************
573 ***************************************************************************/
/*
 * Entry point for RPC requests on the LSA pipe: hands the request in data
 * to api_rpcTNP() together with the api_lsa_cmds dispatch table and returns
 * that call's result unchanged.
 */
BOOL api_ntlsa_rpc(pipes_struct *p, prs_struct *data)
{
	BOOL handled = api_rpcTNP(p, "api_ntlsa_rpc", api_lsa_cmds, data);

	return handled;
}