LCOV - code coverage report
Current view: top level - source3/lib/netapi - samr.c (source / functions) Hit Total Coverage
Test: coverage report for master 2b515b7d Lines: 104 147 70.7 %
Date: 2024-02-28 12:06:22 Functions: 6 6 100.0 %

          Line data    Source code
       1             : /*
       2             :  *  Unix SMB/CIFS implementation.
       3             :  *  NetApi Samr Support
       4             :  *  Copyright (C) Guenther Deschner 2008
       5             :  *
       6             :  *  This program is free software; you can redistribute it and/or modify
       7             :  *  it under the terms of the GNU General Public License as published by
       8             :  *  the Free Software Foundation; either version 3 of the License, or
       9             :  *  (at your option) any later version.
      10             :  *
      11             :  *  This program is distributed in the hope that it will be useful,
      12             :  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
      13             :  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14             :  *  GNU General Public License for more details.
      15             :  *
      16             :  *  You should have received a copy of the GNU General Public License
      17             :  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
      18             :  */
      19             : 
      20             : #include "includes.h"
      21             : #include "lib/netapi/netapi.h"
      22             : #include "lib/netapi/netapi_private.h"
      23             : #include "rpc_client/rpc_client.h"
      24             : #include "../librpc/gen_ndr/ndr_samr_c.h"
      25             : #include "rpc_client/cli_samr.h"
      26             : #include "rpc_client/init_lsa.h"
      27             : #include "../libcli/security/security.h"
      28             : 
      29             : /****************************************************************
      30             : ****************************************************************/
      31             : 
      32         157 : WERROR libnetapi_samr_open_domain(struct libnetapi_ctx *mem_ctx,
      33             :                                   struct rpc_pipe_client *pipe_cli,
      34             :                                   uint32_t connect_mask,
      35             :                                   uint32_t domain_mask,
      36             :                                   struct policy_handle *connect_handle,
      37             :                                   struct policy_handle *domain_handle,
      38             :                                   struct dom_sid2 **domain_sid)
      39             : {
      40           0 :         NTSTATUS status, result;
      41           0 :         WERROR werr;
      42           0 :         struct libnetapi_private_ctx *priv;
      43         157 :         uint32_t resume_handle = 0;
      44         157 :         uint32_t num_entries = 0;
      45         157 :         struct samr_SamArray *sam = NULL;
      46         157 :         const char *domain_name = NULL;
      47           0 :         struct lsa_String lsa_domain_name;
      48         157 :         bool domain_found = false;
      49           0 :         int i;
      50         157 :         struct dcerpc_binding_handle *b = pipe_cli->binding_handle;
      51             : 
      52         157 :         priv = talloc_get_type_abort(mem_ctx->private_data,
      53             :                 struct libnetapi_private_ctx);
      54             : 
      55         157 :         if (is_valid_policy_hnd(&priv->samr.connect_handle)) {
      56          75 :                 if ((priv->samr.connect_mask & connect_mask) == connect_mask) {
      57          75 :                         *connect_handle = priv->samr.connect_handle;
      58             :                 } else {
      59           0 :                         libnetapi_samr_close_connect_handle(mem_ctx,
      60             :                                 &priv->samr.connect_handle);
      61             :                 }
      62             :         }
      63             : 
      64         157 :         if (is_valid_policy_hnd(&priv->samr.domain_handle)) {
      65          75 :                 if ((priv->samr.domain_mask & domain_mask) == domain_mask) {
      66          67 :                         *domain_handle = priv->samr.domain_handle;
      67             :                 } else {
      68           8 :                         libnetapi_samr_close_domain_handle(mem_ctx,
      69             :                                 &priv->samr.domain_handle);
      70             :                 }
      71             :         }
      72             : 
      73         157 :         if (priv->samr.domain_sid) {
      74          75 :                 *domain_sid = priv->samr.domain_sid;
      75             :         }
      76             : 
      77         157 :         if (is_valid_policy_hnd(&priv->samr.connect_handle) &&
      78          75 :             ((priv->samr.connect_mask & connect_mask) == connect_mask) &&
      79          75 :             is_valid_policy_hnd(&priv->samr.domain_handle) &&
      80          67 :             (priv->samr.domain_mask & domain_mask) == domain_mask) {
      81          67 :                 return WERR_OK;
      82             :         }
      83             : 
      84          90 :         if (!is_valid_policy_hnd(connect_handle)) {
      85          82 :                 status = dcerpc_try_samr_connects(pipe_cli->binding_handle, mem_ctx,
      86          82 :                                                   pipe_cli->srv_name_slash,
      87             :                                                   connect_mask,
      88             :                                                   connect_handle,
      89             :                                                   &result);
      90          82 :                 if (any_nt_status_not_ok(status, result, &status)) {
      91           0 :                         werr = ntstatus_to_werror(status);
      92           0 :                         goto done;
      93             :                 }
      94             :         }
      95             : 
      96          90 :         status = dcerpc_samr_EnumDomains(b, mem_ctx,
      97             :                                          connect_handle,
      98             :                                          &resume_handle,
      99             :                                          &sam,
     100             :                                          0xffffffff,
     101             :                                          &num_entries,
     102             :                                          &result);
     103          90 :         if (any_nt_status_not_ok(status, result, &status)) {
     104           0 :                 werr = ntstatus_to_werror(status);
     105           0 :                 goto done;
     106             :         }
     107             : 
     108          90 :         for (i=0; i<num_entries; i++) {
     109             : 
     110          90 :                 domain_name = sam->entries[i].name.string;
     111             : 
     112          90 :                 if (strequal(domain_name, builtin_domain_name())) {
     113           0 :                         continue;
     114             :                 }
     115             : 
     116          90 :                 domain_found = true;
     117          90 :                 break;
     118             :         }
     119             : 
     120          90 :         if (!domain_found) {
     121           0 :                 werr = WERR_NO_SUCH_DOMAIN;
     122           0 :                 goto done;
     123             :         }
     124             : 
     125          90 :         init_lsa_String(&lsa_domain_name, domain_name);
     126             : 
     127          90 :         status = dcerpc_samr_LookupDomain(b, mem_ctx,
     128             :                                           connect_handle,
     129             :                                           &lsa_domain_name,
     130             :                                           domain_sid,
     131             :                                           &result);
     132          90 :         if (any_nt_status_not_ok(status, result, &status)) {
     133           0 :                 werr = ntstatus_to_werror(status);
     134           0 :                 goto done;
     135             :         }
     136             : 
     137          90 :         status = dcerpc_samr_OpenDomain(b, mem_ctx,
     138             :                                         connect_handle,
     139             :                                         domain_mask,
     140             :                                         *domain_sid,
     141             :                                         domain_handle,
     142             :                                         &result);
     143          90 :         if (any_nt_status_not_ok(status, result, &status)) {
     144           0 :                 werr = ntstatus_to_werror(status);
     145           0 :                 goto done;
     146             :         }
     147             : 
     148          90 :         priv->samr.cli                       = pipe_cli;
     149             : 
     150          90 :         priv->samr.domain_name               = domain_name;
     151          90 :         priv->samr.domain_sid                = *domain_sid;
     152             : 
     153          90 :         priv->samr.connect_mask              = connect_mask;
     154          90 :         priv->samr.connect_handle    = *connect_handle;
     155             : 
     156          90 :         priv->samr.domain_mask               = domain_mask;
     157          90 :         priv->samr.domain_handle     = *domain_handle;
     158             : 
     159          90 :         werr = WERR_OK;
     160             : 
     161          90 :  done:
     162          90 :         return werr;
     163             : }
     164             : 
     165             : /****************************************************************
     166             : ****************************************************************/
     167             : 
     168          32 : WERROR libnetapi_samr_open_builtin_domain(struct libnetapi_ctx *mem_ctx,
     169             :                                           struct rpc_pipe_client *pipe_cli,
     170             :                                           uint32_t connect_mask,
     171             :                                           uint32_t builtin_mask,
     172             :                                           struct policy_handle *connect_handle,
     173             :                                           struct policy_handle *builtin_handle)
     174             : {
     175           0 :         NTSTATUS status, result;
     176           0 :         WERROR werr;
     177           0 :         struct libnetapi_private_ctx *priv;
     178          32 :         struct dcerpc_binding_handle *b = pipe_cli->binding_handle;
     179             : 
     180          32 :         priv = talloc_get_type_abort(mem_ctx->private_data,
     181             :                 struct libnetapi_private_ctx);
     182             : 
     183          32 :         if (is_valid_policy_hnd(&priv->samr.connect_handle)) {
     184          32 :                 if ((priv->samr.connect_mask & connect_mask) == connect_mask) {
     185          32 :                         *connect_handle = priv->samr.connect_handle;
     186             :                 } else {
     187           0 :                         libnetapi_samr_close_connect_handle(mem_ctx,
     188             :                                 &priv->samr.connect_handle);
     189             :                 }
     190             :         }
     191             : 
     192          32 :         if (is_valid_policy_hnd(&priv->samr.builtin_handle)) {
     193          29 :                 if ((priv->samr.builtin_mask & builtin_mask) == builtin_mask) {
     194          29 :                         *builtin_handle = priv->samr.builtin_handle;
     195             :                 } else {
     196           0 :                         libnetapi_samr_close_builtin_handle(mem_ctx,
     197             :                                 &priv->samr.builtin_handle);
     198             :                 }
     199             :         }
     200             : 
     201          32 :         if (is_valid_policy_hnd(&priv->samr.connect_handle) &&
     202          32 :             ((priv->samr.connect_mask & connect_mask) == connect_mask) &&
     203          32 :             is_valid_policy_hnd(&priv->samr.builtin_handle) &&
     204          29 :             (priv->samr.builtin_mask & builtin_mask) == builtin_mask) {
     205          29 :                 return WERR_OK;
     206             :         }
     207             : 
     208           3 :         if (!is_valid_policy_hnd(connect_handle)) {
     209           0 :                 status = dcerpc_try_samr_connects(pipe_cli->binding_handle, mem_ctx,
     210           0 :                                                   pipe_cli->srv_name_slash,
     211             :                                                   connect_mask,
     212             :                                                   connect_handle,
     213             :                                                   &result);
     214           0 :                 if (any_nt_status_not_ok(status, result, &status)) {
     215           0 :                         werr = ntstatus_to_werror(status);
     216           0 :                         goto done;
     217             :                 }
     218             :         }
     219             : 
     220           3 :         status = dcerpc_samr_OpenDomain(b, mem_ctx,
     221             :                                         connect_handle,
     222             :                                         builtin_mask,
     223             :                                         discard_const_p(struct dom_sid, &global_sid_Builtin),
     224             :                                         builtin_handle,
     225             :                                         &result);
     226           3 :         if (any_nt_status_not_ok(status, result, &status)) {
     227           0 :                 werr = ntstatus_to_werror(status);
     228           0 :                 goto done;
     229             :         }
     230             : 
     231           3 :         priv->samr.cli                       = pipe_cli;
     232             : 
     233           3 :         priv->samr.connect_mask              = connect_mask;
     234           3 :         priv->samr.connect_handle    = *connect_handle;
     235             : 
     236           3 :         priv->samr.builtin_mask              = builtin_mask;
     237           3 :         priv->samr.builtin_handle    = *builtin_handle;
     238             : 
     239           3 :         werr = WERR_OK;
     240             : 
     241           3 :  done:
     242           3 :         return werr;
     243             : }
     244             : 
     245             : /****************************************************************
     246             : ****************************************************************/
     247             : 
     248        1048 : void libnetapi_samr_close_domain_handle(struct libnetapi_ctx *ctx,
     249             :                                         struct policy_handle *handle)
     250             : {
     251           0 :         struct libnetapi_private_ctx *priv;
     252           0 :         struct dcerpc_binding_handle *b;
     253           0 :         NTSTATUS result;
     254             : 
     255        1048 :         if (!is_valid_policy_hnd(handle)) {
     256         958 :                 return;
     257             :         }
     258             : 
     259          90 :         priv = talloc_get_type_abort(ctx->private_data,
     260             :                 struct libnetapi_private_ctx);
     261             : 
     262          90 :         if (!ndr_policy_handle_equal(handle, &priv->samr.domain_handle)) {
     263           0 :                 return;
     264             :         }
     265             : 
     266          90 :         b = priv->samr.cli->binding_handle;
     267             : 
     268          90 :         dcerpc_samr_Close(b, ctx, handle, &result);
     269             : 
     270          90 :         ZERO_STRUCT(priv->samr.domain_handle);
     271             : }
     272             : 
     273             : /****************************************************************
     274             : ****************************************************************/
     275             : 
     276        1040 : void libnetapi_samr_close_builtin_handle(struct libnetapi_ctx *ctx,
     277             :                                          struct policy_handle *handle)
     278             : {
     279           0 :         struct libnetapi_private_ctx *priv;
     280           0 :         struct dcerpc_binding_handle *b;
     281           0 :         NTSTATUS result;
     282             : 
     283        1040 :         if (!is_valid_policy_hnd(handle)) {
     284        1037 :                 return;
     285             :         }
     286             : 
     287           3 :         priv = talloc_get_type_abort(ctx->private_data,
     288             :                 struct libnetapi_private_ctx);
     289             : 
     290           3 :         if (!ndr_policy_handle_equal(handle, &priv->samr.builtin_handle)) {
     291           0 :                 return;
     292             :         }
     293             : 
     294           3 :         b = priv->samr.cli->binding_handle;
     295             : 
     296           3 :         dcerpc_samr_Close(b, ctx, handle, &result);
     297             : 
     298           3 :         ZERO_STRUCT(priv->samr.builtin_handle);
     299             : }
     300             : 
     301             : /****************************************************************
     302             : ****************************************************************/
     303             : 
     304        1040 : void libnetapi_samr_close_connect_handle(struct libnetapi_ctx *ctx,
     305             :                                          struct policy_handle *handle)
     306             : {
     307           0 :         struct libnetapi_private_ctx *priv;
     308           0 :         struct dcerpc_binding_handle *b;
     309           0 :         NTSTATUS result;
     310             : 
     311        1040 :         if (!is_valid_policy_hnd(handle)) {
     312         958 :                 return;
     313             :         }
     314             : 
     315          82 :         priv = talloc_get_type_abort(ctx->private_data,
     316             :                 struct libnetapi_private_ctx);
     317             : 
     318          82 :         if (!ndr_policy_handle_equal(handle, &priv->samr.connect_handle)) {
     319           0 :                 return;
     320             :         }
     321             : 
     322          82 :         b = priv->samr.cli->binding_handle;
     323             : 
     324          82 :         dcerpc_samr_Close(b, ctx, handle, &result);
     325             : 
     326          82 :         ZERO_STRUCT(priv->samr.connect_handle);
     327             : }
     328             : 
     329             : /****************************************************************
     330             : ****************************************************************/
     331             : 
     332        1040 : void libnetapi_samr_free(struct libnetapi_ctx *ctx)
     333             : {
     334           0 :         struct libnetapi_private_ctx *priv;
     335             : 
     336        1040 :         if (!ctx->private_data) {
     337           0 :                 return;
     338             :         }
     339             : 
     340        1040 :         priv = talloc_get_type_abort(ctx->private_data,
     341             :                 struct libnetapi_private_ctx);
     342             : 
     343        1040 :         libnetapi_samr_close_domain_handle(ctx, &priv->samr.domain_handle);
     344        1040 :         libnetapi_samr_close_builtin_handle(ctx, &priv->samr.builtin_handle);
     345        1040 :         libnetapi_samr_close_connect_handle(ctx, &priv->samr.connect_handle);
     346             : }

Generated by: LCOV version 1.14