search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dsdb-acl: fix the order of special and system checks
[Samba/gebeck_regimport.git] / source4 / libnet / prereq_domain.c
blob679669eb621c04e9531305efd3b52da6ea3ee9c8
1 /*
2 Unix SMB/CIFS implementation.
3
4 Copyright (C) Rafal Szczesniak 2006
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20
21 #include "includes.h"
22 #include "libnet/libnet.h"
23 #include "libcli/composite/composite.h"
24 #include "auth/credentials/credentials.h"
25 #include "librpc/ndr/libndr.h"
26 #include "librpc/gen_ndr/samr.h"
27 #include "librpc/gen_ndr/ndr_samr.h"
28 #include "librpc/gen_ndr/lsa.h"
29 #include "librpc/gen_ndr/ndr_lsa.h"
30
31
32 bool samr_domain_opened(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
33 const char *domain_name,
34 struct composite_context **parent_ctx,
35 struct libnet_DomainOpen *domain_open,
36 void (*continue_fn)(struct composite_context*),
37 void (*monitor)(struct monitor_msg*))
38 {
39 struct composite_context *domopen_req;
40
41 if (parent_ctx == NULL || *parent_ctx == NULL) return false;
42
43 if (domain_name == NULL) {
44 /*
45 * Try to guess the domain name from credentials,
46 * if it's not been explicitly specified.
47 */
48
49 if (ndr_policy_handle_empty(&ctx->samr.handle)) {
50 domain_open->in.type = DOMAIN_SAMR;
51 domain_open->in.domain_name = cli_credentials_get_domain(ctx->cred);
52 domain_open->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
53
54 } else {
55 composite_error(*parent_ctx, NT_STATUS_INVALID_PARAMETER);
56 return true;
57 }
58
59 } else {
60 /*
61 * The domain name has been specified, so check whether the same
62 * domain is already opened. If it is - just return NULL. Start
63 * opening a new domain otherwise.
64 */
65
66 if (ndr_policy_handle_empty(&ctx->samr.handle) ||
67 !strequal(domain_name, ctx->samr.name)) {
68 domain_open->in.type = DOMAIN_SAMR;
69 domain_open->in.domain_name = domain_name;
70 domain_open->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
71
72 } else {
73 /* domain has already been opened and it's the same domain
74 as requested */
75 return true;
76 }
77 }
78
79 /* send request to open the domain */
80 domopen_req = libnet_DomainOpen_send(ctx, mem_ctx, domain_open, monitor);
81 if (composite_nomem(domopen_req, *parent_ctx)) return false;
82
83 composite_continue(*parent_ctx, domopen_req, continue_fn, *parent_ctx);
84 return false;
85 }
86
87
88 bool lsa_domain_opened(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
89 const char *domain_name,
90 struct composite_context **parent_ctx,
91 struct libnet_DomainOpen *domain_open,
92 void (*continue_fn)(struct composite_context*),
93 void (*monitor)(struct monitor_msg*))
94 {
95 struct composite_context *domopen_req;
96
97 if (parent_ctx == NULL || *parent_ctx == NULL) return false;
98
99 if (domain_name == NULL) {
100 /*
101 * Try to guess the domain name from credentials,
102 * if it's not been explicitly specified.
103 */
104
105 if (ndr_policy_handle_empty(&ctx->lsa.handle)) {
106 domain_open->in.type = DOMAIN_LSA;
107 domain_open->in.domain_name = cli_credentials_get_domain(ctx->cred);
108 domain_open->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
109
110 } else {
111 composite_error(*parent_ctx, NT_STATUS_INVALID_PARAMETER);
112 /* this ensures the calling function exits and composite function error
113 gets noticed quickly */
114 return true;
115 }
116
117 } else {
118 /*
119 * The domain name has been specified, so check whether the same
120 * domain is already opened. If it is - just return NULL. Start
121 * opening a new domain otherwise.
122 */
123
124 if (ndr_policy_handle_empty(&ctx->lsa.handle) ||
125 !strequal(domain_name, ctx->lsa.name)) {
126 domain_open->in.type = DOMAIN_LSA;
127 domain_open->in.domain_name = domain_name;
128 domain_open->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
129
130 } else {
131 /* domain has already been opened and it's the same domain
132 as requested */
133 return true;
134 }
135 }
136
137 /* send request to open the domain */
138 domopen_req = libnet_DomainOpen_send(ctx, mem_ctx, domain_open, monitor);
139 /* see the comment above to find out why true is returned here */
140 if (composite_nomem(domopen_req, *parent_ctx)) return true;
141
142 composite_continue(*parent_ctx, domopen_req, continue_fn, *parent_ctx);
143 return false;
144 }
reg import