[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Mon Jan 10 11:06:01 MST 2011
The branch, master has been updated
via 3f21b97 s3-rpc_client: Fixed the dcerpc_lsa_LookupNames4 client_revision.
via b1df95c s3-rpc_client: Fixed the dcerpc_lsa_LookupNames4 lookup_options.
via e02916c s3-rpc_client: Fixed the dcerpc_lsa_LookupSids3 client_revision.
via a53e083 s3-rpc_client: Fixed the dcerpc_lsa_LookupSids3 lookup_options.
via b17eb82 s3-netlogon: Move to new dcerpc client funtions.
via fd1fff6 s3-rpc_client: Added dcerpc_lsa_lookup_names.
via c91e756 s3-rpc_client: Added dcerpc_lsa_lookup_sids and dcerpc_lsa_lookup_sids3.
via 8f14229 s3-rpc_client: Added dcerpc_lsa_open_policy2.
via 2f81950 s3-rpc_client: Added dcerpc_lsa_open_policy.
from 342bb47 s3: Remove superfluous ;
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3f21b971a9fda418e1a96ada9e6778b04004e005
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jan 5 17:35:36 2011 +0100
s3-rpc_client: Fixed the dcerpc_lsa_LookupNames4 client_revision.
The spec states that the ClientRevision value MUST be one of the
following: LSA_CLIENT_REVISION_1 or LSA_CLIENT_REVISION_2.
LSA_CLIENT_REVISION_2 means Windows 2000 and newer.
Signed-off-by: Günther Deschner <gd at samba.org>
Autobuild-User: Günther Deschner <gd at samba.org>
Autobuild-Date: Mon Jan 10 19:05:31 CET 2011 on sn-devel-104
commit b1df95cbc5c5f0f5272ea047f9f8d93d5d732fcc
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jan 5 17:34:30 2011 +0100
s3-rpc_client: Fixed the dcerpc_lsa_LookupNames4 lookup_options.
Use the enum value in dcerpc_lsa_LookupNames4 for _lookup_options.
Signed-off-by: Günther Deschner <gd at samba.org>
commit e02916c4532c8cdd185624e1fe26b0496ef60419
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jan 5 17:24:51 2011 +0100
s3-rpc_client: Fixed the dcerpc_lsa_LookupSids3 client_revision.
The spec states that the ClientRevision value MUST be one of the
following: LSA_CLIENT_REVISION_1 or LSA_CLIENT_REVISION_2.
LSA_CLIENT_REVISION_2 means Windows 2000 and newer.
Signed-off-by: Günther Deschner <gd at samba.org>
commit a53e0831d2491268b9fe808a3f9fda7dd9ebce5d
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jan 5 17:22:18 2011 +0100
s3-rpc_client: Fixed the dcerpc_lsa_LookupSids3 lookup_options.
Use the enum value in dcerpc_lsa_LookupSids3 for _lookup_options.
Signed-off-by: Günther Deschner <gd at samba.org>
commit b17eb8256d28f0ec2b6376f0bd3c90e0d664bd8f
Author: Andreas Schneider <asn at samba.org>
Date: Fri Sep 3 11:15:25 2010 +0200
s3-netlogon: Move to new dcerpc client funtions.
Signed-off-by: Günther Deschner <gd at samba.org>
commit fd1fff608c03bd45741ff89ccfefe549b3abfada
Author: Andreas Schneider <asn at samba.org>
Date: Tue Sep 7 15:49:00 2010 +0200
s3-rpc_client: Added dcerpc_lsa_lookup_names.
Signed-off-by: Günther Deschner <gd at samba.org>
commit c91e756f8d406abee41f9644bd82353fdee347cb
Author: Andreas Schneider <asn at samba.org>
Date: Tue Sep 7 14:58:19 2010 +0200
s3-rpc_client: Added dcerpc_lsa_lookup_sids and dcerpc_lsa_lookup_sids3.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 8f14229b28321e82f6f444d48f514c54cbc24f9b
Author: Andreas Schneider <asn at samba.org>
Date: Tue Sep 7 12:19:25 2010 +0200
s3-rpc_client: Added dcerpc_lsa_open_policy2.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 2f819505afe2a5f1bd244a625861f7b07c78ae8f
Author: Andreas Schneider <asn at samba.org>
Date: Tue Sep 7 11:24:52 2010 +0200
s3-rpc_client: Added dcerpc_lsa_open_policy.
Signed-off-by: Günther Deschner <gd at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_client/cli_lsarpc.c | 443 +++++++++++++++++++++++++++---------
source3/rpc_client/cli_lsarpc.h | 136 +++++++++++
source3/rpc_server/srv_netlog_nt.c | 196 ++++++++++++-----
3 files changed, 611 insertions(+), 164 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 29cb09c..2ffd1c8 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -41,14 +41,12 @@
* security authority", which is half of a password database.
**/
-/** Open a LSA policy handle
- *
- * @param cli Handle on an initialised SMB connection */
-
-NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
+NTSTATUS dcerpc_lsa_open_policy(struct dcerpc_binding_handle *h,
TALLOC_CTX *mem_ctx,
- bool sec_qos, uint32 des_access,
- struct policy_handle *pol)
+ bool sec_qos,
+ uint32_t des_access,
+ struct policy_handle *pol,
+ NTSTATUS *result)
{
struct lsa_ObjectAttribute attr;
struct lsa_QosInfo qos;
@@ -67,21 +65,47 @@ NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
attr.sec_qos = &qos;
}
- return rpccli_lsa_OpenPolicy(cli, mem_ctx,
+ return dcerpc_lsa_OpenPolicy(h,
+ mem_ctx,
&system_name,
&attr,
des_access,
- pol);
+ pol,
+ result);
}
/** Open a LSA policy handle
- *
- * @param cli Handle on an initialised SMB connection
- */
+ *
+ * @param cli Handle on an initialised SMB connection */
-NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx, bool sec_qos,
- uint32 des_access, struct policy_handle *pol)
+NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ bool sec_qos, uint32 des_access,
+ struct policy_handle *pol)
+{
+ NTSTATUS status;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ status = dcerpc_lsa_open_policy(cli->binding_handle,
+ mem_ctx,
+ sec_qos,
+ des_access,
+ pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return result;
+}
+
+NTSTATUS dcerpc_lsa_open_policy2(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ const char *srv_name_slash,
+ bool sec_qos,
+ uint32_t des_access,
+ struct policy_handle *pol,
+ NTSTATUS *result)
{
struct lsa_ObjectAttribute attr;
struct lsa_QosInfo qos;
@@ -99,11 +123,38 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
attr.sec_qos = &qos;
}
- return rpccli_lsa_OpenPolicy2(cli, mem_ctx,
- cli->srv_name_slash,
+ return dcerpc_lsa_OpenPolicy2(h,
+ mem_ctx,
+ srv_name_slash,
&attr,
des_access,
- pol);
+ pol,
+ result);
+}
+
+/** Open a LSA policy handle
+ *
+ * @param cli Handle on an initialised SMB connection
+ */
+
+NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx, bool sec_qos,
+ uint32 des_access, struct policy_handle *pol)
+{
+ NTSTATUS status;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ status = dcerpc_lsa_open_policy(cli->binding_handle,
+ mem_ctx,
+ sec_qos,
+ des_access,
+ pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return result;
}
/* Lookup a list of sids
@@ -111,7 +162,7 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
* internal version withOUT memory allocation of the target arrays.
* this assumes suffciently sized arrays to store domains, names and types. */
-static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
+static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct dcerpc_binding_handle *h,
TALLOC_CTX *mem_ctx,
struct policy_handle *pol,
int num_sids,
@@ -119,29 +170,23 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
char **domains,
char **names,
enum lsa_SidType *types,
- bool use_lookupsids3)
+ bool use_lookupsids3,
+ NTSTATUS *presult)
{
- NTSTATUS result = NT_STATUS_OK;
- TALLOC_CTX *tmp_ctx = NULL;
- int i;
+ NTSTATUS status = NT_STATUS_OK;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct lsa_SidArray sid_array;
struct lsa_RefDomainList *ref_domains = NULL;
struct lsa_TransNameArray lsa_names;
+ enum lsa_LookupNamesLevel level = LSA_LOOKUP_NAMES_ALL;
uint32_t count = 0;
- uint16_t level = 1;
+ int i;
ZERO_STRUCT(lsa_names);
- tmp_ctx = talloc_new(mem_ctx);
- if (!tmp_ctx) {
- DEBUG(0, ("rpccli_lsa_lookup_sids_noalloc: out of memory!\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
sid_array.num_sids = num_sids;
sid_array.sids = TALLOC_ARRAY(mem_ctx, struct lsa_SidPtr, num_sids);
- if (!sid_array.sids) {
+ if (sid_array.sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -158,19 +203,26 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
ZERO_STRUCT(lsa_names2);
- result = rpccli_lsa_LookupSids3(cli, mem_ctx,
+ status = dcerpc_lsa_LookupSids3(h,
+ mem_ctx,
&sid_array,
&ref_domains,
&lsa_names2,
level,
&count,
- 0,
- 0);
+ LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES,
+ LSA_CLIENT_REVISION_2,
+ &result);
+ if (NT_STATUS_IS_OK(status)) {
+ return status;
+ }
- if (!NT_STATUS_IS_ERR(result)) {
- lsa_names.count = lsa_names2.count;
- lsa_names.names = talloc_array(mem_ctx, struct lsa_TranslatedName, lsa_names.count);
- if (!lsa_names.names) {
+ if(!NT_STATUS_IS_ERR(result)) {
+ lsa_names.count = lsa_names2.count;
+ lsa_names.names = talloc_array(mem_ctx,
+ struct lsa_TranslatedName,
+ lsa_names.count);
+ if (lsa_names.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (n=0; n < lsa_names.count; n++) {
@@ -181,28 +233,34 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
}
} else {
- result = rpccli_lsa_LookupSids(cli, mem_ctx,
+ status = dcerpc_lsa_LookupSids(h,
+ mem_ctx,
pol,
&sid_array,
&ref_domains,
&lsa_names,
level,
- &count);
+ &count,
+ &result);
}
- DEBUG(10, ("LSA_LOOKUPSIDS returned '%s', mapped count = %d'\n",
- nt_errstr(result), count));
+ DEBUG(10, ("LSA_LOOKUPSIDS returned status: '%s', result: '%s', "
+ "mapped count = %d'\n",
+ nt_errstr(status), nt_errstr(result), count));
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) &&
!NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
{
- /* An actual error occured */
- goto done;
+ *presult = result;
+ return status;
}
/* Return output parameters */
-
if (NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) ||
(count == 0))
{
@@ -211,8 +269,8 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
(domains)[i] = NULL;
(types)[i] = SID_NAME_UNKNOWN;
}
- result = NT_STATUS_NONE_MAPPED;
- goto done;
+ *presult = NT_STATUS_NONE_MAPPED;
+ return status;
}
for (i = 0; i < num_sids; i++) {
@@ -230,8 +288,8 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
(names)[i] = talloc_strdup(names, name);
if ((names)[i] == NULL) {
DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
+ *presult = NT_STATUS_UNSUCCESSFUL;
+ return status;
}
} else {
(names)[i] = NULL;
@@ -241,8 +299,8 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
(types)[i] = lsa_names.names[i].sid_type;
if (((domains)[i] == NULL)) {
DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
+ *presult = NT_STATUS_UNSUCCESSFUL;
+ return status;
}
} else {
@@ -252,9 +310,8 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
}
}
-done:
- TALLOC_FREE(tmp_ctx);
- return result;
+ *presult = NT_STATUS_OK;
+ return status;
}
/* Lookup a list of sids
@@ -269,7 +326,7 @@ done:
* at 20480 for win2k3, but we keep it at a save 1000 for now. */
#define LOOKUP_SIDS_HUNK_SIZE 1000
-static NTSTATUS rpccli_lsa_lookup_sids_generic(struct rpc_pipe_client *cli,
+static NTSTATUS dcerpc_lsa_lookup_sids_generic(struct dcerpc_binding_handle *h,
TALLOC_CTX *mem_ctx,
struct policy_handle *pol,
int num_sids,
@@ -277,8 +334,10 @@ static NTSTATUS rpccli_lsa_lookup_sids_generic(struct rpc_pipe_client *cli,
char ***pdomains,
char ***pnames,
enum lsa_SidType **ptypes,
- bool use_lookupsids3)
+ bool use_lookupsids3,
+ NTSTATUS *presult)
{
+ NTSTATUS status;
NTSTATUS result = NT_STATUS_OK;
int sids_left = 0;
int sids_processed = 0;
@@ -319,7 +378,7 @@ static NTSTATUS rpccli_lsa_lookup_sids_generic(struct rpc_pipe_client *cli,
while (sids_left > 0) {
int hunk_num_sids;
- NTSTATUS hunk_result = NT_STATUS_OK;
+ NTSTATUS hunk_result;
hunk_num_sids = ((sids_left > LOOKUP_SIDS_HUNK_SIZE)
? LOOKUP_SIDS_HUNK_SIZE
@@ -331,22 +390,26 @@ static NTSTATUS rpccli_lsa_lookup_sids_generic(struct rpc_pipe_client *cli,
sids_processed + hunk_num_sids - 1,
num_sids));
- hunk_result = rpccli_lsa_lookup_sids_noalloc(cli,
- mem_ctx,
- pol,
- hunk_num_sids,
- hunk_sids,
- hunk_domains,
- hunk_names,
- hunk_types,
- use_lookupsids3);
+ status = dcerpc_lsa_lookup_sids_noalloc(h,
+ mem_ctx,
+ pol,
+ hunk_num_sids,
+ hunk_sids,
+ hunk_domains,
+ hunk_names,
+ hunk_types,
+ use_lookupsids3,
+ &hunk_result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
if (!NT_STATUS_IS_OK(hunk_result) &&
!NT_STATUS_EQUAL(hunk_result, STATUS_SOME_UNMAPPED) &&
!NT_STATUS_EQUAL(hunk_result, NT_STATUS_NONE_MAPPED))
{
/* An actual error occured */
- result = hunk_result;
+ *presult = hunk_result;
goto fail;
}
@@ -380,18 +443,43 @@ static NTSTATUS rpccli_lsa_lookup_sids_generic(struct rpc_pipe_client *cli,
*ptypes = types;
if (!have_mapped) {
- return NT_STATUS_NONE_MAPPED;
+ result = NT_STATUS_NONE_MAPPED;
}
if (have_unmapped) {
- return STATUS_SOME_UNMAPPED;
+ result = STATUS_SOME_UNMAPPED;
}
- return NT_STATUS_OK;
+ *presult = result;
+
+ return status;
fail:
TALLOC_FREE(domains);
TALLOC_FREE(names);
TALLOC_FREE(types);
- return result;
+
+ return status;
+}
+
+NTSTATUS dcerpc_lsa_lookup_sids(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *pol,
+ int num_sids,
+ const struct dom_sid *sids,
+ char ***pdomains,
+ char ***pnames,
+ enum lsa_SidType **ptypes,
+ NTSTATUS *result)
+{
+ return dcerpc_lsa_lookup_sids_generic(h,
+ mem_ctx,
+ pol,
+ num_sids,
+ sids,
+ pdomains,
+ pnames,
+ ptypes,
+ false,
+ result);
}
NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
@@ -403,8 +491,46 @@ NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
char ***pnames,
enum lsa_SidType **ptypes)
{
- return rpccli_lsa_lookup_sids_generic(cli, mem_ctx, pol, num_sids, sids,
- pdomains, pnames, ptypes, false);
+ NTSTATUS status;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ status = dcerpc_lsa_lookup_sids_generic(cli->binding_handle,
+ mem_ctx,
+ pol,
+ num_sids,
+ sids,
+ pdomains,
+ pnames,
+ ptypes,
+ false,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return result;
+}
+
+NTSTATUS dcerpc_lsa_lookup_sids3(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *pol,
+ int num_sids,
+ const struct dom_sid *sids,
+ char ***pdomains,
+ char ***pnames,
+ enum lsa_SidType **ptypes,
+ NTSTATUS *result)
+{
+ return dcerpc_lsa_lookup_sids_generic(h,
+ mem_ctx,
+ pol,
+ num_sids,
+ sids,
+ pdomains,
+ pnames,
+ ptypes,
+ true,
+ result);
}
NTSTATUS rpccli_lsa_lookup_sids3(struct rpc_pipe_client *cli,
@@ -416,88 +542,110 @@ NTSTATUS rpccli_lsa_lookup_sids3(struct rpc_pipe_client *cli,
char ***pnames,
enum lsa_SidType **ptypes)
{
- return rpccli_lsa_lookup_sids_generic(cli, mem_ctx, pol, num_sids, sids,
- pdomains, pnames, ptypes, true);
+ NTSTATUS status;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ status = dcerpc_lsa_lookup_sids_generic(cli->binding_handle,
+ mem_ctx,
+ pol,
+ num_sids,
+ sids,
+ pdomains,
+ pnames,
+ ptypes,
+ true,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return result;
}
/** Lookup a list of names */
-static NTSTATUS rpccli_lsa_lookup_names_generic(struct rpc_pipe_client *cli,
+static NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc_binding_handle *h,
TALLOC_CTX *mem_ctx,
- struct policy_handle *pol, int num_names,
+ struct policy_handle *pol,
+ uint32_t num_names,
const char **names,
const char ***dom_names,
- int level,
+ enum lsa_LookupNamesLevel level,
struct dom_sid **sids,
enum lsa_SidType **types,
- bool use_lookupnames4)
+ bool use_lookupnames4,
+ NTSTATUS *presult)
{
- NTSTATUS result;
- int i;
+ NTSTATUS status;
--
Samba Shared Repository
More information about the samba-cvs
mailing list