Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Name lookup.
5 :
6 : Copyright (C) Jeremy Allison 2005
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "utils/net.h"
24 : #include "rpc_client/cli_pipe.h"
25 : #include "../librpc/gen_ndr/ndr_lsa.h"
26 : #include "rpc_client/cli_lsarpc.h"
27 : #include "libsmb/libsmb.h"
28 :
29 : /********************************************************
30 : Connection cachine struct. Goes away when ctx destroyed.
31 : ********************************************************/
32 :
33 : struct con_struct {
34 : bool failed_connect;
35 : NTSTATUS err;
36 : struct cli_state *cli;
37 : struct rpc_pipe_client *lsapipe;
38 : struct policy_handle pol;
39 : };
40 :
41 : static struct con_struct *cs;
42 :
43 : /********************************************************
44 : Close connection on context destruction.
45 : ********************************************************/
46 :
47 2 : static int cs_destructor(struct con_struct *p)
48 : {
49 2 : if (cs->cli) {
50 0 : cli_shutdown(cs->cli);
51 : }
52 2 : cs = NULL;
53 2 : return 0;
54 : }
55 :
56 : /********************************************************
57 : Create the connection to localhost.
58 : ********************************************************/
59 :
60 2 : static struct con_struct *create_cs(struct net_context *c,
61 : TALLOC_CTX *ctx, NTSTATUS *perr)
62 : {
63 0 : NTSTATUS nt_status;
64 0 : struct sockaddr_storage loopback_ss;
65 2 : struct cli_credentials *anon_creds = NULL;
66 :
67 2 : *perr = NT_STATUS_OK;
68 :
69 2 : if (!interpret_string_addr(&loopback_ss, "127.0.0.1", AI_NUMERICHOST)) {
70 0 : *perr = NT_STATUS_INVALID_PARAMETER;
71 0 : return NULL;
72 : }
73 :
74 2 : if (cs) {
75 0 : if (cs->failed_connect) {
76 0 : *perr = cs->err;
77 0 : return NULL;
78 : }
79 0 : return cs;
80 : }
81 :
82 2 : cs = talloc(ctx, struct con_struct);
83 2 : if (!cs) {
84 0 : *perr = NT_STATUS_NO_MEMORY;
85 0 : return NULL;
86 : }
87 :
88 2 : anon_creds = cli_credentials_init_anon(cs);
89 2 : if (anon_creds == NULL) {
90 0 : TALLOC_FREE(cs);
91 0 : *perr = NT_STATUS_NO_MEMORY;
92 0 : return NULL;
93 : }
94 :
95 2 : ZERO_STRUCTP(cs);
96 2 : talloc_set_destructor(cs, cs_destructor);
97 :
98 2 : nt_status = cli_full_connection_creds(c,
99 2 : &cs->cli,
100 : lp_netbios_name(),
101 : lp_netbios_name(),
102 : &loopback_ss,
103 : 0,
104 : "IPC$",
105 : "IPC",
106 : anon_creds,
107 : CLI_FULL_CONNECTION_IPC);
108 :
109 2 : if (!NT_STATUS_IS_OK(nt_status)) {
110 2 : DEBUG(2,("create_cs: Connect failed. Error was %s\n", nt_errstr(nt_status)));
111 2 : cs->failed_connect = true;
112 2 : cs->err = nt_status;
113 2 : *perr = nt_status;
114 2 : return NULL;
115 : }
116 :
117 0 : nt_status = cli_rpc_pipe_open_noauth(cs->cli,
118 : &ndr_table_lsarpc,
119 0 : &cs->lsapipe);
120 :
121 0 : if (!NT_STATUS_IS_OK(nt_status)) {
122 0 : DEBUG(2,("create_cs: open LSA pipe failed. Error was %s\n", nt_errstr(nt_status)));
123 0 : cs->failed_connect = true;
124 0 : cs->err = nt_status;
125 0 : *perr = nt_status;
126 0 : return NULL;
127 : }
128 :
129 0 : nt_status = rpccli_lsa_open_policy(cs->lsapipe, ctx, true,
130 : SEC_FLAG_MAXIMUM_ALLOWED,
131 0 : &cs->pol);
132 :
133 0 : if (!NT_STATUS_IS_OK(nt_status)) {
134 0 : DEBUG(2,("create_cs: rpccli_lsa_open_policy failed. Error was %s\n", nt_errstr(nt_status)));
135 0 : cs->failed_connect = true;
136 0 : cs->err = nt_status;
137 0 : *perr = nt_status;
138 0 : return NULL;
139 : }
140 :
141 0 : return cs;
142 : }
143 :
144 : /********************************************************
145 : Do a lookup_sids call to localhost.
146 : Check if the local machine is authoritative for this sid. We can't
147 : check if this is our SID as that's stored in the root-read-only
148 : secrets.tdb.
149 : The local smbd will also ask winbindd for us, so we don't have to.
150 : ********************************************************/
151 :
152 2 : NTSTATUS net_lookup_name_from_sid(struct net_context *c,
153 : TALLOC_CTX *ctx,
154 : struct dom_sid *psid,
155 : const char **ppdomain,
156 : const char **ppname)
157 : {
158 0 : NTSTATUS nt_status;
159 2 : struct con_struct *csp = NULL;
160 0 : char **domains;
161 0 : char **names;
162 0 : enum lsa_SidType *types;
163 :
164 2 : *ppdomain = NULL;
165 2 : *ppname = NULL;
166 :
167 2 : csp = create_cs(c, ctx, &nt_status);
168 2 : if (csp == NULL) {
169 2 : return nt_status;
170 : }
171 :
172 0 : nt_status = rpccli_lsa_lookup_sids(csp->lsapipe, ctx,
173 : &csp->pol,
174 : 1, psid,
175 : &domains,
176 : &names,
177 : &types);
178 :
179 0 : if (!NT_STATUS_IS_OK(nt_status)) {
180 0 : return nt_status;
181 : }
182 :
183 0 : *ppdomain = domains[0];
184 0 : *ppname = names[0];
185 : /* Don't care about type here. */
186 :
187 : /* Converted OK */
188 0 : return NT_STATUS_OK;
189 : }
190 :
191 : /********************************************************
192 : Do a lookup_names call to localhost.
193 : ********************************************************/
194 :
195 0 : NTSTATUS net_lookup_sid_from_name(struct net_context *c, TALLOC_CTX *ctx,
196 : const char *full_name, struct dom_sid *pret_sid)
197 : {
198 0 : NTSTATUS nt_status;
199 0 : struct con_struct *csp = NULL;
200 0 : struct dom_sid *sids = NULL;
201 0 : enum lsa_SidType *types = NULL;
202 :
203 0 : csp = create_cs(c, ctx, &nt_status);
204 0 : if (csp == NULL) {
205 0 : return nt_status;
206 : }
207 :
208 0 : nt_status = rpccli_lsa_lookup_names(csp->lsapipe, ctx,
209 : &csp->pol,
210 : 1,
211 : &full_name,
212 : NULL, 1,
213 : &sids, &types);
214 :
215 0 : if (!NT_STATUS_IS_OK(nt_status)) {
216 0 : return nt_status;
217 : }
218 :
219 0 : *pret_sid = sids[0];
220 :
221 : /* Converted OK */
222 0 : return NT_STATUS_OK;
223 : }
|
