2 Unix SMB/CIFS implementation.
6 Copyright (C) Jeremy Allison 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "utils/net.h"
25 /********************************************************
26 Connection cachine struct. Goes away when ctx destroyed.
27 ********************************************************/
32 struct cli_state
*cli
;
33 struct rpc_pipe_client
*lsapipe
;
34 struct policy_handle pol
;
37 static struct con_struct
*cs
;
39 /********************************************************
40 Close connection on context destruction.
41 ********************************************************/
43 static int cs_destructor(struct con_struct
*p
)
46 cli_shutdown(cs
->cli
);
52 /********************************************************
53 Create the connection to localhost.
54 ********************************************************/
56 static struct con_struct
*create_cs(struct net_context
*c
,
57 TALLOC_CTX
*ctx
, NTSTATUS
*perr
)
60 struct sockaddr_storage loopback_ss
;
64 if (!interpret_string_addr(&loopback_ss
, "127.0.0.1", AI_NUMERICHOST
)) {
65 *perr
= NT_STATUS_INVALID_PARAMETER
;
70 if (cs
->failed_connect
) {
77 cs
= TALLOC_P(ctx
, struct con_struct
);
79 *perr
= NT_STATUS_NO_MEMORY
;
84 talloc_set_destructor(cs
, cs_destructor
);
86 /* Connect to localhost with given username/password. */
87 /* JRA. Pretty sure we can just do this anonymously.... */
89 if (!opt_password
&& !opt_machine_pass
) {
90 char *pass
= getpass("Password:");
92 opt_password
= SMB_STRDUP(pass
);
97 nt_status
= cli_full_connection(&cs
->cli
, global_myname(), global_myname(),
113 if (!NT_STATUS_IS_OK(nt_status
)) {
114 DEBUG(2,("create_cs: Connect failed. Error was %s\n", nt_errstr(nt_status
)));
115 cs
->failed_connect
= true;
121 nt_status
= cli_rpc_pipe_open_noauth(cs
->cli
,
122 &ndr_table_lsarpc
.syntax_id
,
125 if (!NT_STATUS_IS_OK(nt_status
)) {
126 DEBUG(2,("create_cs: open LSA pipe failed. Error was %s\n", nt_errstr(nt_status
)));
127 cs
->failed_connect
= true;
133 nt_status
= rpccli_lsa_open_policy(cs
->lsapipe
, ctx
, true,
134 SEC_FLAG_MAXIMUM_ALLOWED
,
137 if (!NT_STATUS_IS_OK(nt_status
)) {
138 DEBUG(2,("create_cs: rpccli_lsa_open_policy failed. Error was %s\n", nt_errstr(nt_status
)));
139 cs
->failed_connect
= true;
148 /********************************************************
149 Do a lookup_sids call to localhost.
150 Check if the local machine is authoritative for this sid. We can't
151 check if this is our SID as that's stored in the root-read-only
153 The local smbd will also ask winbindd for us, so we don't have to.
154 ********************************************************/
156 NTSTATUS
net_lookup_name_from_sid(struct net_context
*c
,
159 const char **ppdomain
,
163 struct con_struct
*csp
= NULL
;
166 enum lsa_SidType
*types
;
171 csp
= create_cs(c
, ctx
, &nt_status
);
176 nt_status
= rpccli_lsa_lookup_sids(csp
->lsapipe
, ctx
,
183 if (!NT_STATUS_IS_OK(nt_status
)) {
187 *ppdomain
= domains
[0];
189 /* Don't care about type here. */
195 /********************************************************
196 Do a lookup_names call to localhost.
197 ********************************************************/
199 NTSTATUS
net_lookup_sid_from_name(struct net_context
*c
, TALLOC_CTX
*ctx
,
200 const char *full_name
, DOM_SID
*pret_sid
)
203 struct con_struct
*csp
= NULL
;
204 DOM_SID
*sids
= NULL
;
205 enum lsa_SidType
*types
= NULL
;
207 csp
= create_cs(c
, ctx
, &nt_status
);
212 nt_status
= rpccli_lsa_lookup_names(csp
->lsapipe
, ctx
,
219 if (!NT_STATUS_IS_OK(nt_status
)) {